Tag: rce
-
React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk
React2Shell exposes critical flaws that let attackers run code on millions of apps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/react2shell-rce-flaws-put-react-and-next-js-apps-at-severe-risk/
-
React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk
React2Shell exposes critical flaws that let attackers run code on millions of apps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/react2shell-rce-flaws-put-react-and-next-js-apps-at-severe-risk/
-
Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps
Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the Next.js framework, easy to exploit, but React is widely used, including in 39% of cloud environments. First seen on securityboulevard.com Jump to article:…
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
Developers urged to immediately upgrade React, Next.js
create-next-app and built for production is vulnerable without any specific code modifications by the developer,” Wiz also warns.The problem in React’s server package, designated CVE-2025-55182, is a logical deserialization vulnerability allowing the server to processes RSC payloads in an unsafe way. When a server receives a specially crafted, malformed payload, say Wiz researchers, it fails to validate the…
-
Kritische Schwachstelle in React (und Next.js)
In den React Server Components gibt es eine kritische RCE-Schwachstelle (CVE-2025-55182) mit einem CVSS-Score von 10.0. Die Schwachstelle hat nicht nur Auswirkungen auf die React Server Components (ein JavaScript-Framework zur Entwicklung von Web-Komponenten), sondern auch auf Next.js. React ist eine JavaScript-Programmbibliothek … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/04/kritische-schwachstelle-in-react-und-next-js/
-
RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments
Tags: access, ai, api, attack, automation, backdoor, cloud, exploit, flaw, google, malicious, open-source, openai, rce, remote-code-execution, risk, service, tool, vulnerabilityMultiple attack vectors: For this flaw to be exploited, the victim needs to clone the repository and run Codex on it and an attacker needs to have commit access to the repo or have their malicious pull request accepted.”Compromised templates, starter repos, or popular open-source projects can weaponize many downstream consumers with a single commit,”…
-
Stealth RCE in Codex Exposes Developer Workflows
A Codex CLI flaw lets attackers turn simple repo files into hidden execution triggers. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/stealth-rce-in-codex-exposes-developer-workflows/
-
4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack
ShadyPanda spent years hiding inside Google-verified extensions before unleashing an RCE backdoor that compromised 4.3 million users. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/4-3m-users-exposed-in-shadypandas-long-running-browser-hack/
-
Schwachstelle für Malware-Verteilung genutzt – Notfall-Update für kritische RCE-Sicherheitslücke in WSUS
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-notfall-patch-kritische-wsus-sicherheitsluecke-a-d338bab93ebc2563e1999cae18f17e00/
-
âš¡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More
Hackers aren’t kicking down the door anymore. They just use the same tools we use every day, code packages, cloud accounts, email, chat, phones, and “trusted” partners, and turn them against us.One bad download can leak your keys. One weak vendor can expose many customers at once. One guest invite, one link on a phone,…
-
PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed >>MonikerLink.
-
Microsofts Update Health Tools (KB4023057) war per RCE angreifbar
Die Microsofts Update Health Tools (KB4023057) Deutsch “Integritätstools Windows Update Service-Komponenten” war in der Version 1.0 angreifbar und ermöglichte Remote Code Execution-Angriffe. In der Version 1.1 sind zumindest Systeme für den EU-Bereich geschützt, wenn ich es richtig interpretiere. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/30/microsofts-update-health-tools-kb4023057-war-per-rce-angreifbar/
-
Windows-Schwachstelle CVE-2025-59287 wird für ShadowPad-Malware-Verteilung per WSUS genutzt
In Windows Server gab es eine mit einem CVSS Score von 9.8 bewertete kritische RCE-Schwachstelle CVE-2025-59287 im WSUS-Teil, mit dem sich die Systeme übernehmen lassen. Die Schwachstelle wurde im Oktober 2025 mit Sicherheitsupdates geschlossen. Nun gibt es Berichte, dass Angreifer … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/28/windows-schwachstelle-cve-2025-59287-wird-fuer-shadowpad-malware-verteilung-per-wsus-genutzt/
-
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures.The security defects “allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags,” Oligo Security said in First seen on thehackernews.com Jump…
-
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold…
-
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold…
-
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold…
-
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold…
-
Oracle OIM zero”‘day: Pre”‘auth RCE forces rapid patching across enterprises
Tags: advisory, authentication, cyber, exploit, flaw, oracle, rce, remote-code-execution, sans, technology, update, vulnerabilityThe patching urgency: In its CPU advisory, Oracle addressed this flaw along with hundreds of others across its portfolio. Researchers call it a common Java filter flaw, which makes it a known territory for attackers.”The vulnerability our team discovered follows a familiar pattern in Java: filters designed to restrict authentication often contain easy-to-exploit authentication bypass…
-
Oracle OIM zero”‘day: Pre”‘auth RCE forces rapid patching across enterprises
Tags: advisory, authentication, cyber, exploit, flaw, oracle, rce, remote-code-execution, sans, technology, update, vulnerabilityThe patching urgency: In its CPU advisory, Oracle addressed this flaw along with hundreds of others across its portfolio. Researchers call it a common Java filter flaw, which makes it a known territory for attackers.”The vulnerability our team discovered follows a familiar pattern in Java: filters designed to restrict authentication often contain easy-to-exploit authentication bypass…
-
Oracle OIM zero”‘day: Pre”‘auth RCE forces rapid patching across enterprises
Tags: advisory, authentication, cyber, exploit, flaw, oracle, rce, remote-code-execution, sans, technology, update, vulnerabilityThe patching urgency: In its CPU advisory, Oracle addressed this flaw along with hundreds of others across its portfolio. Researchers call it a common Java filter flaw, which makes it a known territory for attackers.”The vulnerability our team discovered follows a familiar pattern in Java: filters designed to restrict authentication often contain easy-to-exploit authentication bypass…
-
Oracle OIM zero”‘day: Pre”‘auth RCE forces rapid patching across enterprises
Tags: advisory, authentication, cyber, exploit, flaw, oracle, rce, remote-code-execution, sans, technology, update, vulnerabilityThe patching urgency: In its CPU advisory, Oracle addressed this flaw along with hundreds of others across its portfolio. Researchers call it a common Java filter flaw, which makes it a known territory for attackers.”The vulnerability our team discovered follows a familiar pattern in Java: filters designed to restrict authentication often contain easy-to-exploit authentication bypass…
-
PoC Published for W3 Total Cache Flaw Exposing 1M+ Sites to RCE
Security researchers have published a proof-of-concept exploit for a critical remote code execution vulnerability in W3 Total Cache, one of WordPress’s most popular caching plugins with over one million active installations. The flaw, tracked as CVE-2025-9501, allows attackers to execute arbitrary code on vulnerable websites under specific conditions. Field Details CVE ID CVE-2025-9501 Affected Product…
-
PoC Published for W3 Total Cache Flaw Exposing 1M+ Sites to RCE
Security researchers have published a proof-of-concept exploit for a critical remote code execution vulnerability in W3 Total Cache, one of WordPress’s most popular caching plugins with over one million active installations. The flaw, tracked as CVE-2025-9501, allows attackers to execute arbitrary code on vulnerable websites under specific conditions. Field Details CVE ID CVE-2025-9501 Affected Product…
-
CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
Tags: authentication, cisa, cve, cyber, cybersecurity, exploit, flaw, hacker, identity, infrastructure, kev, oracle, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that attackers are already exploiting it in real-world attacks. The bug, tracked as CVE-2025-61757, affects Oracle Identity Manager, part of Oracle Fusion Middleware. The flaw is rated as a “missing authentication for critical…
-
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, government, identity, infrastructure, oracle, rce, remote-code-execution, updateThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-oracle-identity-manager-rce-flaw-is-being-actively-exploited/
-
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, government, identity, infrastructure, oracle, rce, remote-code-execution, updateThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-oracle-identity-manager-rce-flaw-is-being-actively-exploited/
-
NHS Warns of PoC Exploit for 7-Zip Symbolic LinkBased RCE Vulnerability
Update: The NHS England Digital, in an updated advisory on November 20, 2025, said it has not observed in-the-wild exploitation of CVE-2025-11001, but noted that it’s “aware of a public proof-of-concept exploit.” It has since removed what it said were “erroneous references” to active exploitation.The original story follows below -A recently disclosed security flaw impacting…