A single git push command. That is all it would have taken for someone with write access to a repository on GitHub Enterprise ...

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

Speedrunners have achieved arbitrary code execution (ACE) in the original Super Mario Bros. for the first time, a feat long considered impossible. The discovery, sparked by a crash in The Lost Levels, ...

Vulnerabilities in EnOcean’s SmartServer IoT platform can be exploited to remotely hack building management systems.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. The agency has added the ...

Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a disclosure ...

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...