Tag: rce
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerabilitywith samples on a Russian Tor site.”We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Qualys Threat Research Unit (TRU) erhält zwei Top-Auszeichnungen für Epic Achievement und Best RCE
Diese hochkritischen Schwachstellen in einer Kerntechnologie wie OpenSSH betreffen weltweit Millionen von Geräten. Sie zeigen, wie wichtig sorgfältige Forschung und verantwortungsbewusste Offenlegung sind First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-threat-research-unit-tru-erhaelt-zwei-top-auszeichnungen-fuer-epic-achievement-und-best-rce/a41715/
-
Patch Now: Attackers Target OT Networks via Critical RCE Flaw
Tags: cvss, exploit, flaw, infrastructure, network, rce, remote-code-execution, update, vulnerabilityResearchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/patch-now-attackers-target-ot-networks-critical-rce-flaw
-
Microsoft Patch Tuesday August 2025: 107 Vulnerabilities Patched, Including 35 RCE Flaws
Microsoft has rolled out its August 2025 Patch Tuesday fixes, addressing a total of 107 vulnerabilities across its ecosystem. This month’s release stands out for its sheer volume and the inclusion of 35 remote code execution (RCE) bugs, which could allow attackers to run malicious code on affected systems. While none of these vulnerabilities are…
-
Record $250K Bug Bounty Awarded for Discovering Critical Chrome RCE Flaw
Google has awarded a record-breaking $250,000 bug bounty to security researcher Micky for discovering a critical remote code execution vulnerability in Google Chrome that could allow attackers to escape the browser’s sandbox protection. The flaw, tracked internally as issue 412578726, represents one of the most severe Chrome vulnerabilities discovered in recent years and highlights the…
-
5 key takeaways from Black Hat USA 2025
Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windowsVaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat.The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…
-
Erlang/OTP SSH RCE Vulnerability Actively Exploited to Target OT Networks
Tags: cve, cvss, cyber, exploit, flaw, network, programming, rce, remote-code-execution, vulnerabilityA severe vulnerability, designated CVE-2025-32433 with a CVSS score of 10.0, has been identified in the Secure Shell (SSH) daemon of the Erlang programming language’s Open Telecom Platform (OTP). This flaw permits unauthenticated remote code execution (RCE) by allowing attackers to send SSH connection protocol messages with codes greater than or equal to 80 to…
-
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Tags: authentication, cve, detection, exploit, firewall, flaw, malicious, rce, remote-code-execution, technology, vulnerabilityMalicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks.The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issue that could be abused by an…
-
CVE-2025-8355 CVE-2025-8356: Xerox Issues Urgent Fixes for SSRF and RCE Bugs
Xerox Corporation has issued urgent security updates addressing two high-impact vulnerabilities in its FreeFlow Core software. The flaws, now tracked as CVE-2025-8355 and CVE-2025-8356, have the potential to expose enterprise environments to server-side request forgery (SSRF) and remote code execution (RCE) attacks if left unpatched. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/xerox-fixes-cve-2025-8355-and-8356/
-
CVE-2025-8355 CVE-2025-8356: Xerox Issues Urgent Fixes for SSRF and RCE Bugs
Xerox Corporation has issued urgent security updates addressing two high-impact vulnerabilities in its FreeFlow Core software. The flaws, now tracked as CVE-2025-8355 and CVE-2025-8356, have the potential to expose enterprise environments to server-side request forgery (SSRF) and remote code execution (RCE) attacks if left unpatched. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/xerox-fixes-cve-2025-8355-and-8356/
-
15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)
A new report by VulnCheck exposes a critical command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin…. First seen on hackread.com Jump to article: hackread.com/jenkins-servers-risk-rce-vulnerability-cve-2025-53652/
-
Researchers uncover RCE attack chains in popular enterprise credential vaults
Tags: access, api, attack, authentication, cloud, credentials, cve, encryption, exploit, flaw, identity, infrastructure, login, malicious, mfa, open-source, password, ransomware, rce, remote-code-execution, risk, service, software, vulnerabilityFrom identity forgery to full RCE: An AWS instance identity typically corresponds to a hostname. But the researchers explored how this could be abused within Conjur’s resource model, which uses three parameters: Account (Conjur account name), Kind (resource type, host, user, variable, policy, etc.), and Identifier (unique resource name). These parameters are also used in…
-
Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults
Secrets managers hold all the keys to an enterprise’s kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/critical-zero-day-bugs-cyberark-hashicorp-password-vaults
-
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild
Tags: access, advisory, attack, cve, cybersecurity, data-breach, endpoint, exploit, flaw, infrastructure, injection, mitigation, network, rce, remote-code-execution, service, threat, tool, update, vulnerability, zero-dayTrend Micro releases a temporary mitigation tool to reduce exposure to two unpatched zero-day command injection vulnerabilities which have been exploited. Background On August 5, Trend Micro released a security advisory for two critical flaws affecting on-prem versions of Apex One Management Console. According to the advisory, Trend Micro has observed active exploitation of the…
-
MCP Protocol Bug Let Attackers Execute Code in Cursor
Cursor Patched Flaw Days After Disclosure, Says Check Point. Check Point researchers found a RCE flaw in Cursor, an AI-powered code editor, by manipulating a previously approved model context protocol configuration. Once a developer approved a configuration file for an MCP server, any future changes to that file could be executed without further prompts. First…
-
Trend Micro fixes two actively exploited Apex One RCE flaws
Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as CVE-2025-54948 and CVE-2025-54987 (CVSS score of 9.4), in Apex One on-prem consoles. The cybersecurity vendor confirmed that both issues were actively exploited in the wild. Both…
-
Chaining NVIDIA’s Triton Server flaws exposes AI systems to remote takeover
New flaws in NVIDIA’s Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA’s Triton Inference Server for Windows and Linux could let remote, unauthenticated attackers fully take over vulnerable servers. According to Wiz Research team, chaining these vulnerabilities enables remote code execution…
-
Nvidia Patches Critical RCE Vulnerability Chain
The flaws in the company’s Triton Inference Server enables model theft, data leaks, and response manipulation. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/nvidia-patches-critical-rce-vulnerability-chain
-
WhatsApp 0-Click RCE Exploit Worth $1 Million at Pwn2Own Ireland 2025
Cybersecurity researchers have a massive incentive to target WhatsApp this fall, as the Zero Day Initiative (ZDI) announced a record-breaking $1 million bounty for a zero-click remote code execution exploit against the popular messaging platform at Pwn2Own Ireland 2025. The unprecedented prize represents the largest single bounty in Pwn2Own history and is made possible through…
-
CrushFTP Hit by Critical 0-Day RCE Vulnerability Full Technical Details and PoC Published
Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of 9.8 and poses an immediate threat to organizations running vulnerable CrushFTP installations. Authentication Bypass Leads…
-
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ‘Alone,’ to achieve remote code execution and perform a full site takeover. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-actively-exploit-critical-rce-in-wordpress-alone-theme/
-
CISA Issues Alert on PaperCut RCE Vulnerability Under Active Exploitation
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, rce, remote-code-execution, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical PaperCut vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations of active exploitation attempts targeting the widely-used print management software. The vulnerability, tracked as CVE-2023-2533, represents a significant security risk that could allow attackers to execute arbitrary code on affected systems. Critical Vulnerability…
-
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-papercut-rce-bug-as-exploited-in-attacks-patch-now/
-
Fixed Ivanti Bugs Still Haunt Japan Orgs 6 Months Later
Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we’ve known about since last year, partly thanks to complications in patching. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fixed-ivanti-bugs-japan-orgs-6-months-later
-
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627767/Chinese-cyber-spies-among-those-linked-to-SharePoint-attacks
-
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
Tags: attack, authentication, credentials, detection, github, malicious, mfa, phishing, rce, remote-code-execution, supply-chain, updateAutomated GitHub alarms triggered a quick response: Detection was swift once the updates bypassed GitHub’s usual commit-based alerts and raised red flags in registry logs. The maintainer revoked the compromised token, deprecated the malicious releases, and collaborated with npm to remove them.Socket noted that the attack is a textbook example of “multi-stage supply chain compromise,”…
-
Cisco Alerts on ISE RCE Vulnerability Actively Exploited
Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities affecting its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) products are being actively exploited in the wild. The flaws, tracked as CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, carry the highest possible severity rating, with a CVSS base…
-
Critical Sophos Firewall Flaws Allow Pre-Auth RCE
Tags: authentication, cyber, cybersecurity, firewall, flaw, network, rce, remote-code-execution, risk, sophos, vulnerabilitySophos has disclosed multiple critical security vulnerabilities affecting its Firewall products, with the most severe flaws enabling pre-authentication remote code execution that could allow attackers to completely compromise affected systems. The cybersecurity company released hotfixes for five independent vulnerabilities, two of which carry critical severity ratings and pose significant risks to enterprise networks worldwide. Severe…
-
Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access
Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This flaw, affecting the Perl CGI scripts that power the web-based survey component, enables unauthenticated attackers to execute arbitrary code on hosting servers simply by accessing a survey link. Vulnerability in…
-
âš¡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in”, not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected.These attacks don’t depend on zero-days. They work by staying unnoticed”, slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious…