Tag: rce
-
Apple patches critical zero-day in ImageIO amid reports of targeted exploits
Attackers shifting to core image services: Attackers seem to be moving focus to image processing modules in core system software, rather than going after obvious network-facing services or applications. Last week, Samsung patched a critical bug (CVE-2025-21043) affecting its supplied image library ‘libimagecodec.quram.so’ that allowed remote code execution via a crafted image with zero user…
-
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Tags: access, cybersecurity, exploit, flaw, injection, kubernetes, network, rce, remote-code-execution, vulnerability
Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. “Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform First seen on thehackernews.com Jump to…
-
CISA warns of actively exploited Dassault RCE vulnerability
Tags: cisa, cybersecurity, exploit, flaw, hacker, infrastructure, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution from French company Dassault Systèmes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-dassault-rce-vulnerability/
-
Apple CarPlay RCE Exploit Left Unaddressed in Most Cars
Even when a vulnerability is serious and a fix is available, actually securing cars is more difficult than one would hope. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-carplay-rce-exploit
-
Cursor AI Code Editor RCE Flaw Allows Malicious Code to Autorun on Machines
A critical vulnerability in the Cursor AI Code Editor exposes developers to stealthy remote code execution (RCE) attacks when opening code repositories, security researchers warn. The flaw, discovered by Oasis Security, allows attackers to deliver and run harmful code automatically, with no warning prompt, putting vital secrets and cloud access at risk. Vulnerability Breakdown Cursor,…
-
SAP September 2025 Patch Day fixed 4 critical flaws
SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the company’s September Patch Day, including four notes that address critical vulnerabilities in NetWeaver. Onapsis Research Labs supported SAP in patching two critical…
-
Memory overflow leads to RCE or DoS – Citrix Netscaler configuration creates security vulnerabilities
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecken-in-citrix-netscaler-adc-und-gateway-a-e4f033f5440b22845a4489fc64ba5bce/
-
Chrome 140 Release Fixes Critical RCE Vulnerabilities
Tags: browser, chrome, cyber, google, linux, rce, remote-code-execution, update, vulnerability, windows
Google has released Chrome 140 to the stable channel for Windows, Mac, and Linux. This update will roll out to users over the coming days and weeks. The new version, 140.0.7339.80 for Linux and 140.0.7339.80/81 for Windows and Mac, delivers several security fixes and improvements. A full list of changes is available in the Chromium log.…
-
IIS WebDeploy RCE Vulnerability Gets Public PoC
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the release of a public proof-of-concept. Tracked as CVE-2025-53772, this flaw resides in the unsafe deserialization logic of the msdeployagentservice and msdeploy.axd endpoints, allowing authenticated attackers to run arbitrary code on vulnerable web servers. IIS Web…
-
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/31/week-in-review-300k-plex-media-server-instances-still-vulnerable-to-attack-exploited-git-rce-flaw/
-
CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
Tags: cisa, citrix, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw stems from a memory overflow in NetScaler’s traffic management subsystem and was recently added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. Evidence…
-
Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit
Tags: citrix, cyber, cybersecurity, exploit, flaw, rce, remote-code-execution, risk, threat, vulnerability, zero-day
A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urgent security warnings from cybersecurity authorities and immediate action requirements from organizations running affected systems. Widespread Vulnerability Exposure The Shadowserver Foundation’s latest research reveals alarming statistics…
-
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Tags: access, advisory, attack, authentication, backdoor, citrix, control, country, cve, cvss, cyber, cybersecurity, exploit, flaw, group, infrastructure, mitigation, rce, remote-code-execution, service, update, vulnerability, zero-day
NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers, and those bound with DBS IPv6 services or…
-
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to the vulnerability CVE-2025-7775, which is under active exploitation. CVE-2025-7775 (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service.…
-
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-28-200-citrix-instances-vulnerable-to-actively-exploited-rce-bug/
-
CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild
Citrix has released patches to address a zero-day remote code execution vulnerability in NetScaler ADC and NetScaler Gateway that has been exploited. Organizations are urged to patch immediately. Background On August 26, Citrix published a security advisory for three vulnerabilities, including CVE-2025-7775, a zero-day vulnerability which has been exploited against its NetScaler Application Delivery Controller…
-
Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE
Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, present severe security risks including remote code execution and denial of service capabilities. Active Exploitation Confirmed The most severe vulnerability, CVE-2025-7775, carries a CVSS v4.0 score of 9.2 and has been…
-
Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-fixes-critical-netscaler-rce-flaw-exploited-in-zero-day-attacks/
-
Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)
CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/26/git-vulnerability-exploited-cve-2025-48384/
-
PoC Exploit and Technical Analysis Published for Apple 0-Day RCE Vulnerability
A critical zero-click remote code execution vulnerability in Apple’s iOS has been disclosed with a working proof-of-concept exploit, marking another significant security flaw in the company’s image processing capabilities. The vulnerability, tracked as CVE-2025-43300, affects Apple’s implementation of JPEG Lossless Decompression code used within Adobe’s DNG (Digital Negative) file format processing. The Vulnerability Details Security researcher b1n4r1b01 has…
-
Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE
Move along, nothing to see here First seen on theregister.com Jump to article: www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/
-
Commvault users told to patch two RCE exploit chains
Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629874/Commvault-users-told-to-patch-two-RCE-exploit-chains
-
CodeRabbit RCE Flaw Gives Attackers Write Access to 1M Repositories
A critical remote code execution vulnerability in CodeRabbit, one of GitHub’s most popular AI-powered code review tools, could have allowed attackers to gain read and write access to over one million code repositories, including private ones, according to security researchers from Kudelski Security who disclosed the flaw at Black Hat USA 2024. The security flaw…
-
Exploit weaponizes SAP NetWeaver bugs for full system compromise
Exploit chaining CVE-2025-31324 & CVE-2025-42999 in SAP NetWeaver enables auth bypass and RCE, risking compromise and data theft. A new exploit chaining two vulnerabilities, tracked as CVE-2025-31324 and CVE-2025-42999, in SAP NetWeaver exposes organizations to the risk of system compromise and data theft. CVE-2025-31324 (CVSS score: 10.0) is a missing authorization check in NetWeaver’s Visual Composer…
-
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/elastic-rejects-claims-of-a-zero-day-rce-flaw-in-defend-edr/
-
Cyberattack on Colt: Support systems offline after ransom threat
Tags: access, api, china, cve, cyberattack, exploit, extortion, hacker, infrastructure, mail, microsoft, ransomware, rce, remote-code-execution, service, technology, update, vulnerability
Telecom group Colt has been battling the consequences of a ransomware attack for a week. Colt Technology Services, a British telecommunications group that connects 900 data centers across Europe, Asia and North America, fell victim to a cyberattack on August 12, 2025. The incident was initially described as a “technical problem”. The company has since confirmed the attack, however, and its internal support systems, including…
-
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/08/19/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories/
-
Technical Details of SAP 0-Day Exploitation Script for RCE Revealed
Tags: cve, cyber, cybersecurity, endpoint, exploit, flaw, rce, remote-code-execution, sap, vulnerability, zero-day
Cybersecurity researchers have unveiled the inner workings of an exploit script targeting a critical zero-day vulnerability in SAP NetWeaver’s Visual Composer Metadata Uploader, now designated as CVE-2025-31324. This flaw stems from a missing authorization check on the HTTP endpoint /developmentserver/metadatauploader, enabling unauthenticated file uploads that can lead to remote code execution (RCE) under the SAP…

