This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
The Hacker News

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam patched four Backup & Replication flaws, including CVE-2025-59470 (CVSS 9.0) enabling RCE; update to version ...

Trend Micro warns of critical Apex Central RCE vulnerability

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges.

Vulnerability found in Babylon staking code could slow block production

A newly disclosed software flaw in the Bitcoin staking protocol Babylon may allow malicious validators to disrupt parts of ...

New Veeam vulnerabilities expose backup servers to RCE attacks

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical ...

zlib: Critical vulnerability in untgz tool allows code smuggling – no update yet

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...
Morningstar

OX Launches VibeSec to Prevent Vibe Code Vulnerabilities From Ever Being Generated

New platform redefines product security by embedding dynamic security context directly into AI code-generation agents while burning down existing backlogs Guided by live signals from each environment ...