This glossary includes the most common terms and expressions TechCrunch uses in our security reporting, and explanations of ...

An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan ...

Threat actors exploited Craft CMS zero-days CVE-2025-32432 and CVE-2024-58136, compromising 300 of 13,000 vulnerable servers.

The bug is an arbitrary code execution flaw, allowing threat actors to run any code on either Windows, or Linux servers. Apache OFBiz (short for Open For Business) is an open-source enterprise ...

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain ...

The flaw, tracked as CV-2025-34028, could allow remote attackers to execute arbitrary code without authentication on affected ...

"A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without authentication," Commvault said in an advisory ...

Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP ...

Proof-of-concept code has been released after researchers disclosed a maximum severity remote code execution vulnerability in ...

The first three could enable an attacker to inject arbitrary NGINX configuration directives. When chained with the fourth, the threat actor would be able to achieve remote code execution. “When the ...