Tag: rce
-
Anatomy of a Modern Threat: Deconstructing the Figma MCP Vulnerability
Threat researchers recently disclosed a severe vulnerability in a Figma Model Context Protocol (MCP) server, as reported by The Hacker News. While the specific patch is important, the discovery itself serves as a critical wake-up call for every organization rushing to adopt AI. This incident provides a blueprint for a new class of attacks that…
-
Anatomy of a Modern Threat: Deconstructing the Figma MCP Vulnerability
Threat researchers recently disclosed a severe vulnerability in a Figma Model Context Protocol (MCP) server, as reported by The Hacker News. While the specific patch is important, the discovery itself serves as a critical wake-up call for every organization rushing to adopt AI. This incident provides a blueprint for a new class of attacks that…
-
Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution
Redis warns of CVE-2025-49844, a Lua script flaw enabling RCE via use-after-free. Attackers need authenticated access to exploit it. Redis disclosed a critical RCE bug, tracked as CVE-2025-49844 (also known as “RediShell”, with a CVSS score of 10.0), where a malicious Lua script can exploit the garbage collector to trigger a use-after-free vulnerability and enable…
-
10.0-severity RCE flaw puts 60,000 Redis instances at risk
Tags: authentication, cloud, container, cve, data-breach, docker, exploit, flaw, group, Internet, network, rce, remote-code-execution, risk, vulnerabilityLack of Redis authentication is a widespread issue: While Redis supports authentication, it is often deployed without it, especially on internal networks, but also on the internet. For example, the Wiz researchers note that in 57% of cloud environments, Redis is deployed as a container image and the official Redis container on Docker Hub does…
-
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/redis-valkey-redishell-richixbw/
-
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/redis-valkey-redishell-richixbw/
-
Redis patches critical >>RediShell<< RCE vulnerability, update ASAP! (CVE-2025-49844)
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability (CVE-2025-49844) that may allow … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/07/redis-patches-critical-redishell-rce-vulnerability-update-asap-cve-2025-49844/
-
Patch Now: ‘RediShell’ Threatens Cloud Via Redis RCE
A 13-year-old flaw with a CVSS score of 10 in the popular data storage service allows for full host takeover, and more than 300k instances are currently exposed. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/patch-now-redishell-redis-rce
-
Redis patches critical >>RediShell<< RCE vulnerability, update ASAP! (CVE-2025-49844)
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability (CVE-2025-49844) that may allow … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/07/redis-patches-critical-redishell-rce-vulnerability-update-asap-cve-2025-49844/
-
CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
CrowdStrike links Oracle EBS flaw CVE-2025-61882 (CVSS 9.8) to Cl0p, enabling unauthenticated RCE, first exploited on August 9, 2025. CrowdStrike researchers attributed with moderate confidence the exploitation of Oracle E-Business Suite flaw CVE-2025-61882 (CVSS 9.8) to the Cl0p group, also known as Graceful Spider. The critical bug allows unauthenticated remote code execution, with the first…
-
GoAnywhere 0-Day RCE Actively Exploited to Deliver Medusa Ransomware
Tags: advisory, cve, cvss, cyber, data-breach, exploit, flaw, ransomware, rce, remote-code-execution, threat, vulnerability, zero-dayA critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory disclosing CVE-2025-10035, a deserialization flaw with a perfect CVSS score of 10.0. Threat actors tracked as Storm-1175 have abused this issue to gain remote code execution (RCE) on exposed systems,…
-
13-Year-Old Redis RCE Flaw Lets Attackers Seize Complete Host Control
Tags: control, cve, cvss, cyber, cybersecurity, data, flaw, rce, remote-code-execution, vulnerabilityA remote code execution vulnerability discovered in Redis, the widely-used in-memory data structure store, has sent shockwaves through the cybersecurity community. The flaw, designated CVE-2025-49844 and dubbed >>RediShell
-
Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
Western Digital has fixed a critical remote code execution vulnerability (CVE-2025-30247) in the firmware powering its My Cloud network-attached storage (NAS) devices, and has … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/30/western-digital-my-cloud-nas-cve-2025-30247/
-
Veeam RCE Exploit Allegedly Listed for Sale on Dark Web
Tags: backup, cyber, cybersecurity, dark-web, exploit, marketplace, rce, remote-code-execution, veeamA new dark web marketplace listing has sparked alarm in the cybersecurity community after a seller using the handle >>SebastianPereiro
-
RCE im Web Help Desk – Solarwinds patcht zum dritten Mal kritische Sicherheitslücke
First seen on security-insider.de Jump to article: www.security-insider.de/solarwinds-dritter-patch-kritische-sicherheitsluecke-a-470359c5523bcc290f2adcf15317176e/
-
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively exploited in the wild. Tracked as CVE-2025-20333, this remote code execution flaw allows an authenticated attacker to execute arbitrary code as root on affected devices. Cisco published an advisory on September…
-
How Regular CVE Scanning Reduces the Risk of RCE Attacks
Tags: attack, business, compliance, control, cve, cybersecurity, rce, remote-code-execution, resilience, risk, threat, vulnerabilityRemote Code Execution (RCE) attacks remain one of the most dangerous cybersecurity threats, allowing attackers to take full control of systems and cause severe business damage. Regular CVE scanning is a key part of how to prevent RCE attacks, helping organizations identify unpatched vulnerabilities, prioritize risks, and ensure timely remediation. This proactive approach also supports…
-
SolarWinds Issues Third Patch to Address Persistent Web Help Desk RCE Vulnerability
SolarWinds has released a new hotfix aimed at resolving a critical remote code execution (RCE) vulnerability affecting its Web Help Desk (WHD) software. The flaw, now identified as CVE-2025-26399, marks the third patch attempt to fully remediate a vulnerability that originally appeared under CVE-2024-28986. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/solarwinds-cve-2025-26399/
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation
Tags: attack, cisco, cve, exploit, flaw, incident response, rce, remote-code-execution, security-incident, software, vulnerability, zero-dayCisco has publicly disclosed a critical remote code execution (RCE) vulnerability, tracked as CVE-2025-20352, affecting its widely deployed Cisco IOS and IOS XE software platforms. According to Cisco’s Product Security Incident Response Team (PSIRT), the flaw is being actively exploited in the wild, with confirmed attacks leveraging compromised administrator credentials. First seen on thecyberexpress.com Jump…
-
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Tags: cisco, credentials, cve, dos, exploit, flaw, rce, remote-code-execution, service, software, vulnerabilityCisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances.The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it “after…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…
-
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
Tags: access, breach, cisa, cyber, cybersecurity, detection, endpoint, exploit, flaw, hacker, incident response, Intruder, rce, remote-code-execution, vulnerabilityFederal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch agency. The incident response began after endpoint detection alerts sounded at the agency. Over three weeks, cyber intruders used the flaw to gain initial access, move laterally, and establish persistence across…
-
Third time’s the charm? SolarWinds (again) patches critical Web Help Desk RCE
Or maybe 3 strikes, you’re out? First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/solarwinds_patches_rce/
-
SolarWinds warns over dangerous RCE flaw
A newly-uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously-issued fixes, and users should prioritise updates as exploitation is likely to occur. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366631672/SolarWinds-warns-over-dangerous-RCE-flaw
-
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/solarwinds-releases-third-patch-to-fix-web-help-desk-rce-bug/
-
HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVSS score of 10.0, indicating the severity of the security risk. Sandbox Bypass Enables Dangerous Exploits The vulnerability stems from a sandbox bypass mechanism…
-
Apple patches critical zero-day in ImageIO amid reports of targeted exploits
Attackers shifting to core image services: Attackers seem to be moving focus to image processing modules in core system software, rather than going after obvious network-facing services or applications. Last week, Samsung patched a critical bug (CVE-2025-21043) affecting its supplied image library ‘libimagecodec.quram.so’ that allowed remote code execution via a crafted image with zero user…
-
Apple patches critical zero-day in ImageIO amid reports of targeted exploits
Attackers shifting to core image services: Attackers seem to be moving focus to image processing modules in core system software, rather than going after obvious network-facing services or applications. Last week, Samsung patched a critical bug (CVE-2025-21043) affecting its supplied image library ‘libimagecodec.quram.so’ that allowed remote code execution via a crafted image with zero user…
-
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Tags: access, cybersecurity, exploit, flaw, injection, kubernetes, network, rce, remote-code-execution, vulnerabilityCybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments.”Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform First seen on thehackernews.com Jump to…