Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Users could be tricked into running arbitrary code, but the issue was patched last week.

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.

SecurityBridge today announced the launch of its SecurityBridge Code Vulnerability Analyzer (CVA) powered by AI, a significant enhancement to its holistic SAP security platform. This tool leverages ...