Tag: rce
-
CrushFTP Hit by Critical 0-Day RCE Vulnerability Full Technical Details and PoC Published
Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of 9.8 and poses an immediate threat to organizations running vulnerable CrushFTP installations. Authentication Bypass Leads…
-
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ‘Alone,’ to achieve remote code execution and perform a full site takeover. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-actively-exploit-critical-rce-in-wordpress-alone-theme/
-
CISA Issues Alert on PaperCut RCE Vulnerability Under Active Exploitation
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, rce, remote-code-execution, risk, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical PaperCut vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation attempts targeting the widely-used print management software. The vulnerability, tracked as CVE-2023-2533, represents a significant security risk that could allow attackers to execute arbitrary code on affected systems. Critical Vulnerability…
-
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-papercut-rce-bug-as-exploited-in-attacks-patch-now/
-
Fixed Ivanti Bugs Still Haunt Japan Orgs 6 Months Later
Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we’ve known about since last year, partly thanks to complications in patching. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fixed-ivanti-bugs-japan-orgs-6-months-later
-
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627767/Chinese-cyber-spies-among-those-linked-to-SharePoint-attacks
-
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
Tags: attack, authentication, credentials, detection, github, malicious, mfa, phishing, rce, remote-code-execution, supply-chain, update
Automated GitHub alarms triggered a quick response: Detection was swift once the updates bypassed GitHub’s usual commit-based alerts and raised red flags in registry logs. The maintainer revoked the compromised token, deprecated the malicious releases, and collaborated with npm to remove them. Socket noted that the attack is a textbook example of “multi-stage supply chain compromise,”…
-
Cisco Alerts on ISE RCE Vulnerability Actively Exploited
Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities affecting its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) products are being actively exploited in the wild. The flaws, tracked as CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, carry the highest possible severity rating, with a CVSS base…
-
Critical Sophos Firewall Flaws Allow Pre-Auth RCE
Tags: authentication, cyber, cybersecurity, firewall, flaw, network, rce, remote-code-execution, risk, sophos, vulnerability
Sophos has disclosed multiple critical security vulnerabilities affecting its Firewall products, with the most severe flaws enabling pre-authentication remote code execution that could allow attackers to completely compromise affected systems. The cybersecurity company released hotfixes for five independent vulnerabilities, two of which carry critical severity ratings and pose significant risks to enterprise networks worldwide. Severe…
-
Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access
Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This flaw, affecting the Perl CGI scripts that power the web-based survey component, enables unauthenticated attackers to execute arbitrary code on hosting servers simply by accessing a survey link. Vulnerability in…
-
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in, not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed, slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious…
-
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up to 3.6.3 and stems from the way certain component property updates are hydrated, allowing an attacker to inject and…
-
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, data, exploit, flaw, infrastructure, microsoft, rce, remote-code-execution, threat, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a significant threat to organizations running on-premises SharePoint installations. The flaw stems from a deserialization of untrusted data vulnerability within…
-
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
-
SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security researchers at Eye Security discovered the ongoing campaign on July 18, 2025, revealing a sophisticated exploit chain dubbed “ToolShell”
-
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with “more robust protections.” The tech giant acknowledged it’s “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security First seen…
-
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/
-
Cisco warns of another critical RCE flaw in ISE, urges immediate patching
Tags: access, ai, api, breach, cisco, communications, credentials, endpoint, exploit, flaw, network, radius, rce, remote-code-execution, risk, update, vulnerability, wifi
Faster patching is needed: Barr is concerned about the flaw in finding N-day abuse. “While it’s positive that Cisco is transparent in disclosure and swift in releasing patches, the reality is that patching these types of vulnerabilities, especially in large, distributed enterprise environments, is not instantaneous,” he said. “Restart requirements and dependencies on high-availability setups…
-
Oracle flaw poses risk of RCE attacks
Tags: access, bug, cloud, cve, cyberattack, data, exploit, infrastructure, linux, oracle, rce, remote-code-execution, tool, vulnerability
Oracle has already fixed the security issue in the Code Editor. Researchers at Tenable Research have discovered a vulnerability in the Code Editor of Oracle Cloud Infrastructure (OCI) that leaves organizations vulnerable to remote code execution (RCE) attacks. The web-based integrated development environment (IDE) is used to manage resources such as Functions, Resource Manager and Data Science and provides seamless developer workflows. The tight integration with…
-
1-Click Oracle Cloud Code Editor RCE Flaw Allows Malicious File Upload to Shell
Tags: cloud, cyber, flaw, infrastructure, malicious, oracle, rce, remote-code-execution, service, threat, vulnerability
Tenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud Shell environments through a single malicious link. The vulnerability, which has since been remediated by Oracle, could have allowed threat actors to pivot across multiple OCI services and compromise integrated…
-
Critical SharePoint RCE Vulnerability Exploited via Malicious XML in Web Part
A severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content embedded within web parts. According to the recent report, the vulnerability, which affects the deserialization process of webpart properties, represents a significant security risk for organizations running vulnerable SharePoint installations. Technical…
-
0-Day RCE Flaw in SonicWall SMA Devices Exploited to Launch OVERSTEP Ransomware
Tags: access, breach, credentials, cyber, cyberattack, exploit, flaw, google, group, intelligence, mobile, ransomware, rce, remote-code-execution, threat, zero-day
Google’s Threat Intelligence Group (GTIG) has uncovered a sophisticated cyberattack campaign targeting end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances, where threat actors are exploiting previously stolen credentials and deploying a new rootkit called OVERSTEP. The financially motivated group, tracked as UNC6148, has been operating since at least October 2024 and is suspected of…
-
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/
-
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
Attacks could have a wider blast radius: Because Code Editor operates on the same underlying file system as the Cloud Shell, essentially a Linux home directory in the cloud, attackers could tamper with files used by other integrated services. This turns the flaw in the seemingly contained developer tool into an exposure for lateral movement…
-
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns
A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCore/image.c module. By specifying multiple consecutive format specifiers in a filename pattern for the magick mogrify command, an attacker can force internal…
-
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects multiple versions of the widely used enterprise endpoint management platform and has been rated with…
-
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
Tags: compliance, cybersecurity, exploit, fortinet, macOS, malware, rce, remote-code-execution, risk, tool
In cybersecurity, precision matters, and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real…
-
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257, a critical SQL command injection vulnerability in Fortinet’s FortiWeb web … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/
-
Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/13/week-in-review-microsoft-fixes-wormable-rce-bug-on-windows-check-for-citrixbleed-2-exploitation/

