A critical unauthenticated remote code execution vulnerability — tracked as **wp2shell** — was disclosed in WordPress core this week, affecting every site running WordPress 6.9 or 7.0. According to [T
Zoom has disclosed a critical-severity vulnerability in its Windows desktop client and Windows SDK, warning that an unauthenticated remote attacker can exploit it to fully hijack victim accounts — no
CISA has added **CVE-2026-45247** to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html), confirming active in-the-wild exp