FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
CSO Online

Hackers exploit critical PTC Windchill PLM software flaw

The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...
Dark Reading

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...
Network World

Attackers exploit Cisco Unified CM flaw weeks after patch release

New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access ...

New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available

Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with ...
Security Boulevard

Unpatchable usbliter8 Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

What happened Security researchers at Paradigm Shift published a working exploit called usbliter8 that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. SecureROM ...

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a ...
SecurityWeek

Hackers Exploiting Cisco Unified CM Vulnerability

CVE-2026-20230, a recently patched vulnerability affecting Cisco’s Unified Communications Manager, is being exploited in ...
The News International

It's scary': US congressman reacts to Anthropic's powerful AI model

Rep. Andrew Garbarino, chair of the House Homeland Security Committee, emerged visibly shaken after a closed-door ...
Security Boulevard

Hackers Exploit Gravity SMTP WordPress Plugin Vulnerability

What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...
SecurityWeek

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...

Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder

Chinese cybersecurity vendor Qihoo 360 claims it’s built an AI bug-finder that’s better than Anthropic’s Mythos model.