Tag: remote-code-execution
-
PoC Exploit and Technical Analysis Published for Apple 0-Day RCE Vulnerability
A critical zero-click remote code execution vulnerability in Apple’s iOS has been disclosed with a working proof-of-concept exploit, marking another significant security flaw in the company’s image processing capabilities. The vulnerability, tracked as CVE-2025-43300, affects Apple’s implementation of JPEG Lossless Decompression code used within Adobe’s DNG (Digital Negative) file format processing. The Vulnerability Details Security researcher b1n4r1b01 has…
-
Remote Code Execution – Cisco Firewalls Threatened by CVSS 10 Vulnerability
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-im-cisco-secure-firewall-management-center-a-ea347b0f1acc3e110b1da23c7ee3ff70/
-
Threat Actors Exploiting Victims’ Machines for Bandwidth Monetization
Tags: cve, cvss, cyber, cybersecurity, exploit, flaw, programming, remote-code-execution, software, threat, vulnerability
Cybersecurity researchers have uncovered an ongoing campaign where threat actors exploit the critical CVE-2024-36401 vulnerability in GeoServer, a geospatial database, to remotely execute code and monetize victims’ bandwidth. This remote code execution flaw, rated at a CVSS score of 9.8, enables attackers to deploy legitimate software development kits (SDKs) or modified applications that generate passive…
-
Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft
Tags: access, credentials, cyber, exploit, flaw, group, microsoft, network, ransomware, remote-code-execution, theft, vulnerability
The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial network access. This campaign, observed in mid-2025, involves sending crafted HTTP POST requests to upload web shells, facilitating reconnaissance, privilege escalation, and credential theft. Initial Exploitation Attackers exploit flaws like…
-
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows - CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user…
-
High-Severity Mozilla Flaws Allow Remote Code Execution
Mozilla has released Firefox 142 to address multiple critical security vulnerabilities that could enable remote attackers to execute arbitrary code on affected systems. The Mozilla Foundation Security Advisory 2025-64, announced on August 19, 2025, details nine distinct vulnerabilities ranging from high-severity remote code execution flaws to spoofing and denial-of-service issues. Critical Remote Code Execution Vulnerabilities…
-
Commvault Backup Suite Flaws Allow Attackers to Breach On-Premises Systems
Security researchers have uncovered a critical series of vulnerabilities in Commvault’s backup and data management software that could enable attackers to achieve remote code execution and compromise on-premises infrastructure. The flaws, discovered by Watchtowr Labs, represent a significant threat to organizations relying on Commvault’s widely-deployed backup solutions. The vulnerability chain consists of four distinct security…
-
Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE
Move along, nothing to see here First seen on theregister.com Jump to article: www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/
-
Commvault users told to patch two RCE exploit chains
Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629874/Commvault-users-told-to-patch-two-RCE-exploit-chains
-
Apache ActiveMQ Breach Reveals Unusual Attacker Behavior
Tags: access, apache, breach, cyberattack, exploit, flaw, linux, remote-code-execution, update, vulnerability
Security researchers have confirmed that a recent wave of cyberattacks is exploiting a critical vulnerability in Apache ActiveMQ, allowing attackers to compromise Linux servers and install long-term persistence tools. The attackers are not only gaining access through a known remote code execution flaw but are also patching the vulnerability afterward to cover their tracks. The…
-
Commvault plugs holes in backup suite that allow remote code execution
Commvault has fixed four security vulnerabilities that may allow unauthenticated attackers to compromise on-premises deployments of its flagship backup and replication suite. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/20/commvault-backup-suite-vulnerabilities-fixed/
-
Critical Chrome Flaw CVE-2025-9132 Exposes Browsers to Remote Code Execution
The Hong Kong Computer Emergency Response Team Coordination Center issued an alert regarding a remote code execution flaw in Google Chrome. The Chrome team reported the same vulnerability. The Chrome flaw, identified as CVE-2025-9132, stems from an out-of-bounds write in V8, Chrome’s JavaScript engine, which could allow attackers to execute arbitrary code remotely. First seen…
-
CodeRabbit RCE Flaw Gives Attackers Write Access to 1M Repositories
A critical remote code execution vulnerability in CodeRabbit, one of GitHub’s most popular AI-powered code review tools, could have allowed attackers to gain read and write access to over one million code repositories, including private ones, according to security researchers from Kudelski Security who disclosed the flaw at Black Hat USA 2024. The security flaw…
-
Exploit weaponizes SAP NetWeaver bugs for full system compromise
Exploit chaining CVE-2025-31324 & CVE-2025-42999 in SAP NetWeaver enables auth bypass and RCE, risking compromise and data theft. A new exploit chaining two vulnerabilities, tracked as CVE-2025-31324 and CVE-2025-42999, in SAP NetWeaver exposes organizations to the risk of system compromise and data theft. CVE-2025-31324 (CVSS score: 10.0) is a missing authorization check in NetWeaver’s Visual Composer…
-
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/elastic-rejects-claims-of-a-zero-day-rce-flaw-in-defend-edr/
-
Public Exploit Released for Critical SAP NetWeaver Flaw
A critical flaw in SAP NetWeaver AS Java is being widely exploited, allowing unauthenticated remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sap-netweaver-flaw-exploit-released/
-
Cyberattack on Colt: Support Systems Offline After Ransom Threat
Tags: access, api, china, cve, cyberattack, exploit, extortion, hacker, infrastructure, mail, microsoft, ransomware, rce, remote-code-execution, service, technology, update, vulnerability
Telecom group Colt has been struggling for a week with the aftermath of a ransomware attack. Colt Technology Services, a British telecommunications group that connects 900 data centers across Europe, Asia and North America, fell victim to a cyberattack on August 12, 2025. The incident was initially described as a “technical problem.” The company has since confirmed the attack, however, and its internal support systems, including…
-
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/08/19/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories/
-
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said. CVE-2025-31324 (CVSS score: 10.0) – Missing First seen…
-
Qualys Scores Double Win at the 2025 Pwnie Awards for Its OpenSSH Research
The Qualys Threat Research Unit (TRU) has received two top honors at the Pwnie Awards. The TRU team was recognized at DefCon 2025 in the categories “Epic Achievement” and “Best Remote Code Execution (RCE)”, an acknowledgment of its leading role in security research and its commitment to the responsible disclosure of critical vulnerabilities. Worldwide, the Pwnie Awards are considered […]…
-
Technical Details of SAP 0-Day Exploitation Script for RCE Revealed
Tags: cve, cyber, cybersecurity, endpoint, exploit, flaw, rce, remote-code-execution, sap, vulnerability, zero-day
Cybersecurity researchers have unveiled the inner workings of an exploit script targeting a critical zero-day vulnerability in SAP NetWeaver’s Visual Composer Metadata Uploader, now designated as CVE-2025-31324. This flaw stems from a missing authorization check on the HTTP endpoint /developmentserver/metadatauploader, enabling unauthenticated file uploads that can lead to remote code execution (RCE) under the SAP…
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerability
with samples on a Russian Tor site. “We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Qualys Threat Research Unit (TRU) Receives Two Top Awards for Epic Achievement and Best RCE
These highly critical vulnerabilities in a core technology such as OpenSSH affect millions of devices worldwide. They show how important careful research and responsible disclosure are. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-threat-research-unit-tru-erhaelt-zwei-top-auszeichnungen-fuer-epic-achievement-und-best-rce/a41715/
-
Rockwell ControlLogix Ethernet Vulnerability Exposes Systems to Remote Code Execution
A critical vulnerability in Rockwell Automation’s ControlLogix Ethernet modules has been discovered that could allow remote attackers to execute malicious code on industrial control systems. The vulnerability, identified as CVE-2025-7353, affects multiple ControlLogix communication modules and carries a severe CVSS score of 9.8 out of 10, indicating the highest level of risk to affected systems.…
-
Patch Now: Attackers Target OT Networks via Critical RCE Flaw
Tags: cvss, exploit, flaw, infrastructure, network, rce, remote-code-execution, update, vulnerability
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/patch-now-attackers-target-ot-networks-critical-rce-flaw
-
Microsoft Patch Tuesday August 2025: 107 Vulnerabilities Patched, Including 35 RCE Flaws
Microsoft has rolled out its August 2025 Patch Tuesday fixes, addressing a total of 107 vulnerabilities across its ecosystem. This month’s release stands out for its sheer volume and the inclusion of 35 remote code execution (RCE) bugs, which could allow attackers to run malicious code on affected systems. While none of these vulnerabilities are…
-
Record $250K Bug Bounty Awarded for Discovering Critical Chrome RCE Flaw
Google has awarded a record-breaking $250,000 bug bounty to security researcher Micky for discovering a critical remote code execution vulnerability in Google Chrome that could allow attackers to escape the browser’s sandbox protection. The flaw, tracked internally as issue 412578726, represents one of the most severe Chrome vulnerabilities discovered in recent years and highlights the…
-
5 key takeaways from Black Hat USA 2025
Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windows
Vaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat. The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…

