Critical remote code execution (RCE) flaws have surfaced in popular AI inference servers, exposing systems from giants like Meta, NVIDIA, and Microsoft to severe attacks.
These vulnerabilities stem from unsafe use of ZeroMQ (ZMQ) for communication and Python's pickle module for deserialization, allowing attackers...
Cybersecurity researchers have observed a surge in attacks targeting CVE-2025-24893, a critical remote code execution flaw in the XWiki platform.
This vulnerability allows unauthenticated attackers to inject and execute arbitrary Groovy code via the SolrSearch macro, enabling full server compromise.
Since its addition to...
Cursor, a popular AI-powered code editor built on Visual Studio Code (VS Code), has a built-in browser feature that developers use for quick web previews and testing.
Recent research reveals a serious security flaw: hackers can exploit rogue Model Context Protocol (MCP) servers to...
NVIDIA, a leader in AI computing, has disclosed two high-severity vulnerabilities in its NeMo Framework, an open-source toolkit for building generative AI models.
Released on November 7, 2025, the security bulletin urges users to update to version 2.5.0 or later to patch flaws that...
Zoho Corporation, known for its suite of business software, has disclosed a serious security flaw in its Analytics Plus tool.
This vulnerability, tracked as CVE-2025-8324, allows unauthenticated attackers to inject malicious SQL code into the system.
Discovered in on-premise versions, the bug stems from...
A severe security flaw in Imunify360's antivirus tool, AI-bolit, puts millions of websites at risk of remote code execution (RCE) attacks.
This vulnerability affects versions before 32.7.4.0 and impacts up to 56 million Linux-hosted sites, primarily on shared hosting platforms.
Discovered in late October...