Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

A newly discovered 732-byte Python exploit poses severe risks to Linux systems globally. Affecting distributions like Ubuntu ...

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

Intruder analyzed 3,000 attack surfaces and found 60% exposed HTTP panels, 49% risky ports, and 42% internet-facing databases ...

As attackers ramp up their AI exploit development, the search for software vulnerabilities is changing rapidly. “I’ve probably submitted three times more bugs than I did last year at this time—I would ...

Forza Horizon 6 players are exploiting certain parts of the game so that they can quickly and easily unlock every vehicle in the game. As spotted by GamesRadar, YouTuber XMBWesley posted a guide on ...

A recently patched Linux privilege escalation vulnerability now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. The ...

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. Named ...

For the second time in two weeks, a significant privilege escalation vulnerability has been discovered in Linux. The vulnerability known as "Dirty Frag" enables escalation from an unprivileged user to ...

Back-to-back kernel vulnerabilities in Linux has defenders scrambling to apply defenses in the age of quick turnaround time for hackers to exploit nascent flaws. See Also: Data Trust Drives Long-Term ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...