Tag: rce
-
Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-rce-flaws-in-identity-services-engine/
-
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects…
-
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hundreds-mcp-servers-ai-models-abuse-rce
-
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/24/high-risk-winrar-rce-flaw-patched-update-quickly-cve-2025-6218/
-
Veeam Backup Replication: Critical RCE Patched
Summary On June 1 7, data resilience vendor Veeam released security updates to fix three vulnerabilities: one critical severity RCE and one high severity ACE First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/06/18/veeam-backup-replication-critical-rce-patched/
-
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.”A vulnerability allowing remote code execution (RCE) on the Backup Server by…
-
New Veeam RCE flaw lets domain users hack backup servers
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/
-
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Tags: attack, control, exploit, malicious, monitoring, open-source, pypi, rce, remote-code-execution, supply-chainProtection needs a multi-layered approach: Experts are treating the chimera-sandbox-extension incident as more than just another malicious package takedown. While JFrog acted quickly”, alerting PyPI maintainers, removing the package, and updating its Xray scannerresearchers agree that a one-time fix isn’t enough.”Within the last five years, attackers have leveraged PyPI and other package managers to exploit…
-
BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code
Tags: access, advisory, cve, cyber, cybersecurity, flaw, injection, rce, remote-code-execution, tool, vulnerabilityA newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the cybersecurity community. The flaw, tracked as CVE-2025-5309 and detailed in advisory BT25-04, allows attackers to execute arbitrary code on affected servers via a Server-Side Template Injection (SSTI) vulnerability in the chat feature. With a CVSSv4…
-
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Tags: cybersecurity, flaw, password, rce, remote-code-execution, risk, software, tool, vulnerabilityCybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution.Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports.The list of vulnerabilities, which are yet to be First seen on…
-
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. >>Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks.On June 16, GreyNoise observed…
-
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Tags: ai, attack, botnet, cybersecurity, ddos, exploit, flaw, malware, rce, remote-code-execution, vulnerabilityCybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.”Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed First seen…
-
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
Tags: attack, control, cve, cyber, cyberattack, exploit, firewall, flaw, hacker, Internet, rce, remote-code-execution, vpn, vulnerability, zyxelA sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500″, the Internet Key Exchange (IKE) packet decoder”, to remotely inject system commands and potentially seize…
-
Breach Roundup: Critical RCE Flaw in Roundcube Servers
Also, M&S Back Online, Mexican Education Platform Breached, Patch Tuesday. This week, a Roundcube flaw, Mexican student data hacked and Dutch cops scare straight Cracked users. Man imprisoned for hacking tax preparers. M&S update. UNFI ships on a limited basis. U.K. financial regulator staffers used personal emails. Weak web panel security on GPS devices. Patch…
-
Hackers exploited Windows WebDav zero-day to drop malware
Tags: apt, attack, defense, exploit, government, group, hacker, hacking, malware, rce, remote-code-execution, vulnerability, windows, zero-dayAn APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware/
-
Hackers exploited Windows WebDav zero-day to drop malware
Tags: apt, attack, defense, exploit, government, group, hacker, hacking, malware, rce, remote-code-execution, vulnerability, windows, zero-dayAn APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware/
-
Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited
A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting over 80,000 servers. Threat actors exploited a critical remote code execution (RCE) flaw in Roundcube, tracked as CVE-2025-49113, just days after the patch was released, targeting over 80,000 servers. Roundcube is a popular webmail platform and has been repeatedly targeted…
-
June Patch Tuesday brings a lighter load for defenders
Barely 70 vulnerabilities make the cut for Microsoft’s monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625818/June-Patch-Tuesday-brings-a-lighter-load-for-defenders
-
Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast
The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/stealth-falcon-apt-exploits-microsoft-rce-zero-day-mideast
-
Microsoft Windows WebDAV 0-Day RCE Vulnerability Actively Exploited in The Wild
A critical zero-day vulnerability in Microsoft Windows, designated CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon. The flaw, enabling remote code execution (RCE) through manipulation of a system’s working directory, was addressed by Microsoft in its June 2025 Patch Tuesday updates following CPR’s responsible disclosure. Below is a technical…
-
Mirai botnets exploit Wazuh RCE, Akamai warned
Tags: botnet, compliance, cve, data, detection, exploit, flaw, open-source, rce, remote-code-execution, threat, vulnerabilityMirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution vulnerability CVE-2025-24016 (CVSS score of 9.9) affecting Wazuh servers. Wazuh is an open-source security platform used for threat detection, intrusion detection, log data analysis, and compliance…
-
CISA Issues Alert on Erlang/OTP SSH Server RCE Vulnerability Under Active Exploitation
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, rce, remote-code-execution, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH server implementations that allows attackers to execute arbitrary commands without authentication. The vulnerability, designated as CVE-2025-32433, has been added to CISA Known Exploited Vulnerabilities (KEV) catalog, indicating active exploitation in the wild and posing significant risks…
-
Exploitation of Critical Wazuh Server RCE Vulnerability Leads to Mirai Variant Deployment
The Akamai Security Intelligence and Response Team (SIRT) has uncovered active exploitation of a critical remote code execution (RCE) vulnerability in Wazuh servers, identified as CVE-2025-24016 with a CVSS score of 9.9. Disclosed in February 2025, this vulnerability affects Wazuh versions 4.4.0 through 4.9.0 and stems from unsafe deserialization in the Distributed API (DAPI) requests,…
-
Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/09/roundcube-rce-dark-web-activity-signals-imminent-attacks-cve-2025-49113/
-
Critical RCE Vulnerability in AWS Amplify Studio PoC Now Public
In May 2025, AWS disclosed a critical remote code execution (RCE) vulnerability, CVE-2025-4318, in the @aws-amplify/codegen-ui package”, a core dependency for AWS Amplify Studio’s UI code generation pipeline. The flaw, rated 9.5 on the CVSS scale, stemmed from improper input validation in the expression-binding logic that processes user-defined JavaScript expressions within UI component schemas. How…
-
Critical RCE Flaw Found in HPE Insight Remote Support Tool
Hewlett-Packard Enterprise (HPE) has released a critical security bulletin addressing multiple high-impact vulnerabilities in its Insight Remote Support (IRS) software, versions prior to 7.15.0.646. These flaws, identified by external researchers and disclosed to HPE, could allow remote attackers to execute arbitrary code, traverse directories, and exfiltrate sensitive information from affected systems. Technical Breakdown of Vulnerabilities…
-
‘Earth Lamia’ Exploits Known SQL, RCE Bugs Across Asia
A highly active Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive sectors. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/earth-lamia-exploits-sql-rce-bugs-asia
-
Hackers drop 60 npm bombs in less than two weeks to recon dev machines
Tags: attack, data, detection, email, framework, hacker, malicious, open-source, rce, remote-code-execution, supply-chain, threat, toolThe accounts are now defunct: The first three malicious packages, “e-learning-garena,” “seatalk-rn-leave-calendar,” and “coral-web-be,” were released under the npm accounts bbbb335656, cdsfdfafd1232436437, and sdsds656565, respectively. Since then, all three accounts have gone on to publish twenty malicious packages each.According to Socket, the first package emerged eleven days ago, and the most recent appeared only hours…
-
Apache Tomcat RCE Vulnerability Exposed with PoC Released
Tags: apache, container, control, cve, cyber, data-breach, flaw, malicious, open-source, rce, remote-code-execution, vulnerabilityA critical security vulnerability, tracked as CVE-2025-24813, has been discovered in Apache Tomcat, a widely used open-source Java servlet container and web server. This flaw, stemming from improper handling of file paths, particularly those containing internal dots (e.g., file.Name)”, can allow attackers to bypass security controls, leading to remote code execution (RCE), information disclosure, and…