The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.
The Register on MSN

Notepad's new Markdown powers served with a side of remote code execution

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft ...

Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or ...

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...
HotHardware

Microsoft Windows Server Update Service Is Under Attack, What You Need To Know

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
SecurityWeek

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.
WinBuzzer

10,000+ Claude Desktop Users Exposed by Zero-Click Flaw

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...