Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing exploit code, thereby lowering the barrier to entry for penetration testers — ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Valuable tools for experienced attackers and researchers, LLMs are not yet capable of creating exploits at a prompt, researchers found in a test of 50 AI models — some of which are getting better ...

The risk of attackers exploiting a recently disclosed maximum severity vulnerability in Cisco's IOS XE Wireless Controller software has increased significantly following the public release of detailed ...

The vendor has issued a patch to close four holes in its flagship Backup & Replication suite; version 13 users are advised to ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...

Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS 9.8 that allows remote code ...

First Patch Tuesday of 2026 goes big Microsoft and Uncle Sam have warned that a Windows bug disclosed today is already under ...