Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public disclosure.

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting ...

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability within 20 hours, working only from the advisory description. The bug, CVE-2026 ...

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...

Forbes contributors publish independent expert analyses and insights. Dara-Abasi Ita covers AI in boring asset classes. As AI-driven tools compress the "Time to Exploit" (TTE) from weeks to mere days, ...

A new report out today from Google LLC’s Threat Intelligence Group finds that zero-day vulnerability exploitation remained elevated in 2025 as attackers increasingly targeted enterprise infrastructure ...