Bug bounties have become a staple of the cyber security toolkit, offering researchers a way to get paid to find and report bugs and giving businesses a route to fix unknown flaws. However, this model ...

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.

All Intel processors since 2018 are affected by Branch Privilege Injection. The image shows an example of an Intel server system. Anyone who speculates on likely events ahead of time and prepares ...

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks.

Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft's March Patch Tuesday update.

A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...

Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025. The company says it has awarded over $81.6 million in bug ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to ...

LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell ...

Business has slowed considerably in the vulnerability management market segment, yet there are more vulnerabilities to contend with than ever before. When security mainstays experience the same harsh ...