Ivanti warns of new EPMM flaw exploited in zero-day attacks

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) ...
Morning Overview on MSN

SharePoint zero-day CVE-2026-32201 allows remote code execution with no privileges required — 1,300+ servers still exposed

A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 ...
Morning Overview on MSN

GitHub patches critical remote code execution flaw in private repositories

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

Palo Alto Networks firewall zero-day exploited for nearly a month

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS ...

Google Update: Android Flaw Could Put Billions of Devices at Risk

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk.
The Hacker News

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.
InfoWorld

AI finds 20-year-old bugs in PostgreSQL and MariaDB

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...
SecurityWeek

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

A critical remote code execution and supply chain vulnerability was recently discovered by researchers in Gemini CLI.
SecurityWeek

Critical Remote Code Execution Vulnerability Patched in Android

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for ...