Tag: rce
-
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called PerfektBlue. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/350m-cars-1b-devices-1-click-bluetooth-rce
-
CVSS 10 RCE in Wing FTP exploited within 24 hours, security researchers warn
Intruders looked up how to use curl mid-attack – rookie errors kept damage minimal First seen on theregister.com Jump to article: www.theregister.com/2025/07/11/1010_wing_ftp_bug_exploited/
-
JFrog discovers critical RCE vulnerability that can hijack mcp-remote clients
The mcp-remote tool gained popularity in the AI community when the first remote MCP server implementations appeared. These enabled LLMs to interact with external data and tools. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-entdeckt-kritische-rce-sicherheitsluecke-die-mcp-remote-clients-kapern-kann/a41370/
-
Wing FTP Server RCE Vulnerability Under Active Exploitation
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s public disclosure. The flaw affects versions before 7.4.4 and can lead to root or SYSTEM-level remote code execution, prompting urgent calls for…
-
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed PerfektBlue
-
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
Tags: attack, crypto, cve, cyber, data, exploit, flaw, hacker, intelligence, open-source, rce, remote-code-execution, threat, vulnerability
The AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed in Java for spatial data processing, became a prime target after the vulnerability was disclosed…
-
Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)
For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/09/microsoft-fixes-critical-wormable-windows-flaw-cve-2025-47981/
-
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Patched, Including 1 Zero-Day and 41 RCE Flaws
Tags: cyber, flaw, microsoft, rce, remote-code-execution, risk, software, update, vulnerability, zero-day
Microsoft released its July 2025 Patch Tuesday security updates on July 8, 2025, addressing 130 vulnerabilities across its software ecosystem, including one publicly disclosed zero-day vulnerability and numerous critical security flaws that pose significant risks to organizations worldwide. The July 2025 security update represents a substantial patch cycle, with 14 vulnerabilities rated as Critical
-
Call of Duty Gamers Hacked via RCE Exploit Allowing PlayerPlayer Attacks
The Call of Duty team took the PC edition of Call of Duty: WWII offline on Saturday after numerous allegations of a serious security flaw surfaced, a concerning development for the gaming community. The culprit appears to be a Remote Code Execution (RCE) vulnerability, an especially dangerous flaw that enables attackers to execute…
-
Call of Duty takes PC game offline after multiple reports of RCE attacks on players
Gamemakers have only said they are investigating an unspecified “issue.” Players are posting videos of their computers being compromised. First seen on cyberscoop.com Jump to article: cyberscoop.com/call-of-duty-remote-code-execution-pc-game-offline/
-
Critical vulnerability discovered in Cisco Unified CM
Tags: bug, cisco, communications, cyberattack, exploit, infrastructure, rce, remote-code-execution, risk, vulnerability
For the second time in a week, Cisco has had to report a vulnerability of the highest severity. Cisco recently reported a vulnerability with the highest severity rating (CVSS 10 out of 10) in its products Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME). The affected solutions are core components of telecommunications infrastructure and are used in government agencies, financial institutions and large…
-
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Cisco shares tricks to spot exploitation: Cisco said in the advisory that it hasn’t observed any exploitation in the wild, but it has provided a method for customers to detect compromises. Successful logins via the root account would leave traces in system logs located at ‘/var/log/active/syslog/secure’, it said. The advisory even included an example log snippet…
-
Wing FTP Server Vulnerability Allows Full Server Takeover by Attackers
A newly disclosed critical vulnerability in Wing FTP Server threatens thousands of organizations worldwide, enabling attackers to achieve full server takeover through unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2025-47812, has been assigned a maximum CVSSv4 score of 10.0, underscoring its severity and ease of exploitation. Vulnerability Details: The vulnerability, discovered by security researcher Julien Ahrens of RCE Security,…
-
Cl0p Ransomware’s Exfiltration Process Exposes RCE Vulnerability
Tags: computer, cyber, cybercrime, data, data-breach, flaw, group, incident response, ransomware, rce, remote-code-execution, vulnerability
A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL) on July 1, 2025. Vulnerability Details: The…
-
Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks
Chained with a legacy flaw for RCE: Oligo demonstrated that the attack vector combines two independent flaws. Attackers could chain the legacy “0.0.0.0-day” browser flaw, which lets web pages send requests to the 0.0.0.0 address that browsers treat like localhost, to a CSRF-style attack leveraging the Inspector proxy’s vulnerable “/sse” endpoint that accepts commands via query…
-
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Experts say they don’t expect the MOVEit menace to do much about it First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/cl0p_rce_vulnerability/
-
Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control
Tags: ai, botnet, control, cve, cvss, cyber, cyberattack, exploit, flaw, framework, hacker, rce, remote-code-execution, vulnerability
A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.8, this unauthenticated remote code execution (RCE) flaw impacts Langflow versions prior to 1.3.0. Unveiling a Severe RCE Vulnerability…
-
Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/29/week-in-review-backdoor-found-in-soho-devices-running-linux-high-risk-winrar-rce-flaw-patched/
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windows
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background: Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…
-
Hundreds of MCP Servers at Risk of RCE and Data Leaks
Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mcp-servers-risk-rce-data-leaks/
-
Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-rce-flaws-in-identity-services-engine/
-
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects…
-
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hundreds-mcp-servers-ai-models-abuse-rce
-
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/24/high-risk-winrar-rce-flaw-patched-update-quickly-cve-2025-6218/
-
Veeam Backup Replication: Critical RCE Patched
Summary: On June 17, data resilience vendor Veeam released security updates to fix three vulnerabilities: one critical severity RCE and one high severity ACE First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/06/18/veeam-backup-replication-critical-rce-patched/
-
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. “A vulnerability allowing remote code execution (RCE) on the Backup Server by…
-
New Veeam RCE flaw lets domain users hack backup servers
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/
-
BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code
Tags: access, advisory, cve, cyber, cybersecurity, flaw, injection, rce, remote-code-execution, tool, vulnerability
A newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the cybersecurity community. The flaw, tracked as CVE-2025-5309 and detailed in advisory BT25-04, allows attackers to execute arbitrary code on affected servers via a Server-Side Template Injection (SSTI) vulnerability in the chat feature. With a CVSSv4…
-
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Tags: attack, control, exploit, malicious, monitoring, open-source, pypi, rce, remote-code-execution, supply-chain
Protection needs a multi-layered approach: Experts are treating the chimera-sandbox-extension incident as more than just another malicious package takedown. While JFrog acted quickly, alerting PyPI maintainers, removing the package, and updating its Xray scanner, researchers agree that a one-time fix isn’t enough. “Within the last five years, attackers have leveraged PyPI and other package managers to exploit…
-
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Tags: cybersecurity, flaw, password, rce, remote-code-execution, risk, software, tool, vulnerability
Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports. The list of vulnerabilities, which are yet to be First seen on…

