Tenable Research has identified a critical vulnerability (CVSSv4 9.3) in a Microsoft GitHub repository that allowed for Remote Code Execution (RCE) and unauthorized access to repository secrets. This disclosure highlights that CI/CD
As organizations rapidly adopt agentic AI development tools into enterprise workflows, the trust boundaries between configuration and execution are increasingly blurred. Check Point Research identified critical vulnerabilities in Anthropic’s Claude Code that
Tenable Research has identified two major vulnerabilities, dubbed “LookOut,” in Google Looker. The popular business intelligence platform is used by more than 60,000 companies in 195 countries, potentially allowing attackers to hijack
Check Point Research has identified an active, coordinated exploitation campaign targeting CVE-2025-37164, a critical remote code execution vulnerability affecting HPE OneView. The activity, observed directly in Check Point telemetry, is attributed to
Kaspersky ICS CERT experts have discovered critical vulnerabilities in Unisoc SoCs that could allow bypassing security measures and gaining unauthorized remote access by exploiting modem communication with the application processor. The findings
Tenable Research has discovered a critical memory corruption vulnerability in Fluent Bit’s built-in HTTP server that could potentially result in denial of service (DoS), information leakage, or remote code execution (RCE). The
“Of the 60 CVEs patched in this month’s Patch Tuesday release, only six are considered more likely to be exploited according to Microsoft’s Exploitability Index. These mostly include elevation of privilege
“This is the second straight Patch Tuesday with no zero-day vulnerabilities (either exploited or publicly disclosed) reported. Microsoft patched CVE-2024-21318, a remote code execution vulnerability in Microsoft SharePoint Server. An authenticated