Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

Claude Code would execute hidden code from untrusted projects before any user confirmation, Check Point reports.

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks.

CISA has expanded the Known Exploited Vulnerabilities catalog with three bugs targeted by the nation-state-grade Coruna iOS exploit kit.

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Google's security team exposes Coruna exploit kit targeting iPhones running iOS 13-17.2.1 to steal crypto wallets. Update now ...