Tag: rce
-
CVE-2026-1281 CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM
Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/cve-2026-1281-cve-2026-1340-actively-exploited-pre-authentication-rce-in-ivanti-epmm/
-
BeyondTrust RCE Vulnerability Under Active Exploitation Urgent Patch Released
BeyondTrust has urgently released security updates to address a critical remote code execution (RCE) vulnerability affecting its widely used Remote Support (RS) and Privileged Remote Access (PRA) products. Designated as CVE-2026-1731, this severe flaw carries a near-maximum CVSS v4 score of 9.9. The vulnerability creates a dangerous opening for unauthenticated remote attackers to execute arbitrary…
-
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
Tags: access, attack, authentication, exploit, flaw, rce, remote-code-execution, update, vulnerabilityA critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-beyondtrust-rce-flaw-now-exploited-in-attacks-patch-now/
-
WordPress plugin with 900k installs vulnerable to critical RCE flaw
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wordpress-plugin-with-900k-installs-vulnerable-to-critical-rce-flaw/
-
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/12/windows-notepad-markdown-feature-opens-door-to-rce-cve-2026-20841/
-
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/12/windows-notepad-markdown-feature-opens-door-to-rce-cve-2026-20841/
-
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/12/windows-notepad-markdown-feature-opens-door-to-rce-cve-2026-20841/
-
Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/12/windows-notepad-markdown-feature-opens-door-to-rce-cve-2026-20841/
-
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Threat activity this week shows one consistent signal, attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight.Another shift is how access is gained versus how it’s used. Initial entry points are…
-
Zero-Click RCE in Claude Desktop: CVSS-Score von 10/10
Diesmal gibt es eine Sicherheitslücke in Agenten, und zwar nicht in irgendeinem experimentellen Open-Source-Projekt, sondern in Claude Desktop. Die Sicherheitsfirma LayerX hat eine kritische Zero-Click RCE (Remote Code Execution) Schwachstelle in Claude Desktop Extensions (DXT) entdeckt, die über 10.000 aktive Nutzende betrifft und mit einem CVSS-Score von 10/10 bewertet wurde [1]. Das mag auf den……
-
CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk
A decades-old libpng flaw exposes widely used systems to denial-of-service and potential code execution via crafted PNG files. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cve-2026-25646-legacy-libpng-flaw-poses-rce-risk/
-
0-Click RCE Found in Claude Desktop Extensions, Putting 10,000+ Users at Risk
A critical >>zero-click<< vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/10, affects more than 10,000 active users and over 50 different extensions. The vulnerability stems from a fundamental architectural decision.…
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX
LayerX researchers say that a security in Anthropic’s Claude Desktop Extensions can be exploited to allow threat actors to place a RCE vulnerability into Google Calendar, the latest report to highlight the risks that come with giving AI models with full system privileges unfettered access to sensitive data. First seen on securityboulevard.com Jump to article:…
-
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Microsoft has revealed that it observed a multi”‘stage intrusion that involved the threat actors exploiting internet”‘exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization’s network to other high-value assets.That said, the Microsoft Defender Security Research Team said it’s not clear whether the activity weaponized recently First seen…
-
BeyondTrust warns of critical RCE flaw in remote support software
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software/
-
Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom Malware
Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent remote control. Security researchers observed these attacks starting on February 7, 2026, targeting organizations that had not yet applied the latest security patches. SolarWinds Web Help Desk RCE The intrusion leverages recently disclosed Remote Code…
-
BeyondTrust fixes easyexploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)
BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/09/beyondtrust-remote-access-vulnerability-cve-2026-1731/
-
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.”BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company First seen on…
-
BeyondTrust Remote Access Products Hit by 0-Day RCE Vulnerability
BeyondTrust has issued an urgent security advisory regarding a critical zero-day vulnerability affecting its popular remote access solutions. The flaw, tracked as CVE-2026-1731, carries a near-maximum severity score of 9.9 out of 10 on the CVSSv4 scale. It poses a significant risk to organizations using self-hosted versions of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). The…
-
CISA warns of SmarterMail RCE flaw used in ransomware attacks
Tags: attack, cisa, cve, cybersecurity, flaw, infrastructure, ransomware, rce, remote-code-executionThe Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-smartermail-rce-flaw-used-in-ransomware-attacks/
-
Lateral Movement und RCE – Angriffe über Ivanti Endpoint Manager Mobile laufen
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-ivanti-endpoint-manager-mobile-updates-a-aca050adf9926475b601d024c1aaff43/
-
Malicious Commands in GitHub Codespaces Enable RCE
Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-commands-in-github/
-
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is…
-
SolarWinds RCE bug makes Cisa list as exploitation spreads
Exploitation of CVE-2025-40551, an RCE flaw affecting SolarWinds Web Help Desk, appears to be spreading, and defenders are on high alert. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638837/SolarWinds-RCE-bug-makes-Cisa-list-as-exploitation-spreads
-
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud On-Prem)
Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. Google moved swiftly to patch these issues. Organizations running Looker on-prem should verify they have upgraded to the patched versions. Key takeaways Two novel vulnerabilities: Tenable Research discovered a remote code execution (RCE) chain via…
-
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil
Attackers could even have used one vulnerable Lookout user to gain access to other GCP tenants’ environments. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/google-looker-bugs-cross-tenant-rce-data-exfil
-
CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List
Tags: cisa, cyber, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE”‘2025″‘40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because it enables remote code execution (RCE) and can be exploited without authentication. According to CISA, the issue stems from a deserialization of untrusted data weakness (CWE”‘502), which allows attackers…
-
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
Tags: cisa, cve, cybersecurity, data, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is a untrusted data deserialization vulnerability that could pave the way for remote…