Tag: rce
-
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.CVE-2025-31324 refers to a critical SAP NetWeaver flaw First…
-
SonicWall Issues Patch for Exploit Chain in SMA Devices
Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/sonicwall-patch-exploit-chain-sma-devices
-
Significant RCE compromise likely with SysAid vulnerabilities
First seen on scworld.com Jump to article: www.scworld.com/brief/significant-rce-compromise-likely-with-sysaid-vulnerabilities
-
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-magicinfo-9-server-rce-flaw-now-exploited-in-attacks/
-
Critical Langflow RCE flaw exploited to hack AI app servers
Tags: ai, cybersecurity, exploit, flaw, infrastructure, mitigation, rce, remote-code-execution, update, vulnerabilityThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-langflow-rce-flaw-exploited-to-hack-ai-app-servers/
-
RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/06/langflow-cve-2025-3248-exploited/
-
Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild
Google has released critical security patches for Android devices to address 57 vulnerabilities across multiple subsystems, including an actively exploited remote code execution flaw tracked as CVE-2025-27363. The May 2025 security bulletin confirms this high-severity vulnerability in Android’s System component enables local code execution without requiring additional privileges or user interaction. Devices running Android 13…
-
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology.The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo.”These vulnerabilities can be chained by First seen on thehackernews.com Jump to article:…
-
Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
Tags: cyber, exploit, flaw, github, hacker, infrastructure, rce, remote-code-execution, risk, supply-chain, vulnerabilitySecurity researchers have identified critical vulnerabilities in the Node.js CI/CD infrastructure, exposing internal Jenkins agents to remote code execution and raising the risk of supply chain attacks. These flaws stemmed from the integration and communication gaps between multiple DevOps platforms-specifically GitHub Apps, GitHub Actions workflows, and Jenkins pipelines-that collectively manage Node.js’ continuous integration processes. Exploiting…
-
AirBorne flaws can lead to fully hijack Apple devices
Vulnerabilities in Apple’s AirPlay protocol and SDK exposed Apple and third-party devices to attacks, including remote code execution. Oligo Security found serious flaws, collectively tracked as AirBorne, in Apple’s AirPlay protocol and SDK, affecting Apple and third-party devices. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and…
-
Wormable AirPlay Zero-Click RCE Flaw Allows Remote Device Hijack via Wi-Fi
A major set of vulnerabilities-collectively named “AirBorne”-in Apple’s AirPlay protocol and SDK have been unveiled, enabling an array of severe attack vectors. Most critically, these flaws allow zero-click “wormable” Remote Code Execution (RCE), meaning attackers can take over Apple and third-party devices via Wi-Fi without any user interaction. The impact spans billions of devices globally, including…
-
Apple ‘AirBorne’ flaws can lead to zero-click AirPlay RCE attacks
Tags: apple, attack, data-breach, flaw, programming, rce, remote-code-execution, software, vulnerabilityA set of security vulnerabilities in Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-airborne-flaws-can-lead-to-zero-click-airplay-rce-attacks/
-
Commvault RCE Vulnerability Exploited”, PoC Released
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in Commvault’s on-premise backup and recovery software. The issue, tracked as CVE-2025-34028, has rocked the cybersecurity world, particularly after researchers published a fully working proof-of-concept (PoC) exploit. With attackers actively probing…
-
Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)
If your organization is using Commvault Command Center for your data protection, backup creation, configuration and restoration needs, you should check whether your on-premise … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/24/critical-commvault-rce-vulnerability-fixed-poc-available-cve-2025-34028/
-
Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Tags: authentication, cyber, exploit, firewall, flaw, network, rce, remote-code-execution, vulnerability, zyxelSecurity researcher Alessandro Sgreccia (aka >>rainpwn
-
PoC Released for Critical Erlang/OTP SSH RCE Vulnerability
Security teams across industries are urgently patching systems following the public release of a proof-of-concept (PoC) exploit for a newly disclosed critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation. The flaw, tracked as CVE-2025-32433 and assigned a maximum CVSS score of 10.0, enables unauthenticated attackers to execute arbitrary code, potentially taking complete control of affected systems.…
-
Critical Erlang/OTP SSH pre-auth RCE is ‘Surprisingly Easy’ to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-erlang-otp-ssh-pre-auth-rce-is-surprisingly-easy-to-exploit-patch-now/
-
Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed… First seen on hackread.com Jump to article: hackread.com/researchers-cvss-severity-rce-vulnerability-erlang-otp-ssh/
-
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date.Tracked as CVE-2025-30406 (CVSS score: 9.0), the vulnerability refers to the use of a hard-coded cryptographic key that could expose internet-accessible servers to remote code execution attacks First seen…
-
RCE Exploit Uncovered in Ivanti VPN After Silent Patch Oversight
First seen on scworld.com Jump to article: www.scworld.com/brief/rce-exploit-uncovered-in-ivanti-vpn-after-silent-patch-oversight
-
Exploitation of Ivanti VPN flaw to achieve RCE detailed
First seen on scworld.com Jump to article: www.scworld.com/brief/exploitation-of-ivanti-vpn-flaw-to-achieve-rce-detailed
-
Ivanti 0-Day RCE Flaw Exploitation Details Revealed
Tags: cyber, cybersecurity, exploit, flaw, ivanti, rce, remote-code-execution, vulnerability, zero-dayA critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry. The flaw, which affects several Ivanti products, allows attackers to execute arbitrary code remotely, potentially compromising sensitive enterprise environments. Researchers, including the Rapid7 vulnerability team, have provided a detailed breakdown of how the flaw was exploited and what…
-
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/rce-gladinet-centrestack-file-sharing-exploited-cve-2025-30406/
-
CentreStack RCE exploited as zero-day to breach file sharing servers
Hackers exploited a vulnerability in Gladinet CentreStack’s secure file-sharing software as a zero-day since March to breach storage servers First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/centrestack-rce-exploited-as-zero-day-to-breach-file-sharing-servers/
-
Whatsapp plugs bug allowing RCE with spoofed filenames
Whatsapp makes for a popular attack vector: Whatsapp has been frequently targeted in the past for its popularity as an encrypted chatting platform. With over 10 billion downloads on Google Play Store alone, the platform makes for a lucrative target for threat actors.A similar security oversight was reported in July 2024 to be affecting the…
-
Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products. The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could allow attackers to gain remote access, escalate privileges, or disrupt systems. While no exploitation has…
-
Over 5,000 Ivanti Connect Secure Devices Exposed to RCE Vulnerabilities
Over 5,000 Ivanti Connect Secure devices remain vulnerable to a critical remote code execution (RCE) flaw, according to data from the Shadowserver Foundation. The vulnerability, tracked as CVE-2025-22457, stems from a stack-based buffer overflow issue, enabling unauthenticated attackers to execute arbitrary code remotely. The flaw has already been exploited in the wild, raising alarms across the…
-
Apache Parquet Critical RCE via Deserialization (CVE-2025-30065)
Summary On April 5, 2025, a critical deserialization vulnerability (CVE-2025-30065) affecting Apache Parquet was disclosed. Apache Parquet is an open source, column-oriented data file format First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/04/08/apache-parquet-critical-rce-via-deserialization-cve-2025-30065/
-
RCE Vulnerability in Apache Parquet Poses Risk to Big Data Systems
First seen on scworld.com Jump to article: www.scworld.com/brief/rce-vulnerability-in-apache-parquet-poses-risk-to-big-data-systems
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…