Tag: remote-code-execution
-
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up to 3.6.3 and stems from the way certain component property updates are hydrated, allowing an attacker to inject and…
-
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, data, exploit, flaw, infrastructure, microsoft, rce, remote-code-execution, threat, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a significant threat to organizations running on-premises SharePoint installations. The flaw stems from a deserialization of untrusted data vulnerability within…
-
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
-
SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security researchers at Eye Security discovered the ongoing campaign on July 18, 2025, revealing a sophisticated exploit chain dubbed >>ToolShell
-
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with “more robust protections.”The tech giant acknowledged it’s “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security First seen…
-
Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)
Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/20/microsoft-sharepoint-servers-under-attack-via-zero-day-vulnerability-with-no-patch-cve-2025-53770/
-
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/
-
Cisco warns of another critical RCE flaw in ISE, urges immediate patching
Tags: access, ai, api, breach, cisco, communications, credentials, endpoint, exploit, flaw, network, radius, rce, remote-code-execution, risk, update, vulnerability, wifiFaster patching is needed: Barr is concerned about the flaw in finding N-day abuse. “While it’s positive that Cisco is transparent in disclosure and swift in releasing patches, the reality is that patching these types of vulnerabilities, especially in large, distributed enterprise environments, is not instantaneous,” he said. “Restart requirements and dependencies on high-availability setups…
-
Oracle-Lücke birgt Gefahr für RCE-Attacken
Tags: access, bug, cloud, cve, cyberattack, data, exploit, infrastructure, linux, oracle, rce, remote-code-execution, tool, vulnerabilityOracle hat das Sicherheitsproblem im Code Editor bereits gefixt.Forscher von Tenable Research haben eine Sicherheitslücke im Code-Editor von Oracle Cloud Infrastructure (OCI) entdeckt, die Unternehmen für Remote-Code-Execution-Angriffe (RCE) anfällig macht. Die webbasierte integrierte Entwicklungsumgebung (IDI) dient zur Verwaltung von Ressourcen wie Functions, Resource Manager und Data Science und sorgt für nahtlose Entwickler-Workflows.Die enge Integration mit…
-
Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity
Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerability, tracked as CVE-2025-20337 (CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC). An attacker could trigger the vulnerability to execute arbitrary code on the…
-
1-Click Oracle Cloud Code Editor RCE Flaw Allows Malicious File Upload to Shell
Tags: cloud, cyber, flaw, infrastructure, malicious, oracle, rce, remote-code-execution, service, threat, vulnerabilityTenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud Shell environments through a single malicious link. The vulnerability, which has since been remediated by Oracle, could have allowed threat actors to pivot across multiple OCI services and compromise integrated…
-
Critical SharePoint RCE Vulnerability Exploited via Malicious XML in Web Part
A severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content embedded within web parts. According to the recent report, the vulnerability, which affects the deserialization process of webpart properties, represents a significant security risk for organizations running vulnerable SharePoint installations. Technical…
-
0-Day RCE Flaw in SonicWall SMA Devices Exploited to Launch OVERSTEP Ransomware
Tags: access, breach, credentials, cyber, cyberattack, exploit, flaw, google, group, intelligence, mobile, ransomware, rce, remote-code-execution, threat, zero-dayGoogle’s Threat Intelligence Group (GTIG) has uncovered a sophisticated cyberattack campaign targeting end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances, where threat actors are exploiting previously stolen credentials and deploying a new rootkit called OVERSTEP. The financially motivated group, tracked as UNC6148, has been operating since at least October 2024 and is suspected of…
-
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/
-
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
Attacks could have a wider blast radius: Because Code Editor operates on the same underlying file system as the Cloud Shell, essentially a Linux home directory in the cloud, attackers could tamper with files used by other integrated services. This turns the flaw in the seemingly contained developer tool into an exposure for lateral movement…
-
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover
A critical security vulnerability has been discovered in LaRecipe, a popular Laravel documentation package with over 2.3 million downloads, that could allow attackers to completely compromise affected servers. The vulnerability, identified as CVE-2025-53833, enables Server-Side Template Injection (SSTI) attacks that can lead to Remote Code Execution (RCE) on vulnerable systems. Critical Vulnerability Discovered Security researcher…
-
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes
A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and remote code execution on Linux and macOS systems. CVE-2025-48384 affects Git installations usinggit clone recursiveon weaponized repositories, exploiting improper handling of carriage return characters in.gitmodulesfiles to bypass security controls. Field Details CVE ID CVE-2025-48384 CVSS…
-
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns
A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCore/image.c module. By specifying multiple consecutive format specifiers in a filename pattern for the magick mogrify command, an attacker can force internal…
-
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects multiple versions of the widely used enterprise endpoint management platform and has been rated with…
-
Wing FTP Vulnerability Actively Exploited Globally
Remote Code Execution Flaw Affects More Than 5,000 Servers. Threat actors are actively exploiting a critical vulnerability in a server file transfer solution. Researchers say the flaw in Wing FTP Server could allow threat actors to execute system-level commands remotely, using null byte and Lua injection without authentication. First seen on govinfosecurity.com Jump to article:…
-
âš¡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
Tags: compliance, cybersecurity, exploit, fortinet, macOS, malware, rce, remote-code-execution, risk, toolIn cybersecurity, precision matters”, and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real…
-
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 a critical SQL command injection vulnerability in Fortinet’s FortiWeb web … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/
-
WinRAR 0″‘Day Exploit Listed for $80K on Dark Web Forum
A sophisticated zero-day exploit targeting WinRAR, one of the world’s most popular file compression utilities, has surfaced on a dark web marketplace with a hefty price tag of $80,000. The previously unknown remote code execution (RCE) vulnerability affects both the latest and earlier versions of the widely-used software, raising significant concerns for millions of users…
-
Wing FTP Server flaw actively exploited shortly after technical details were made public
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30. Threat actors are exploiting a critical flaw, tracked as CVE-2025-47812 (CVSS score of 10), in Wing FTP Server that allows remote code execution with root/system privileges. Wing FTP Server is a secure and flexible file…
-
Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/13/week-in-review-microsoft-fixes-wormable-rce-bug-on-windows-check-for-citrixbleed-2-exploitation/
-
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-rce-flaw-in-wing-ftp-server/
-
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications.”Laravel’s APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub),” GitGuardian said. “If attackers get access to this key, they can exploit a deserialization flaw to…
-
Kritische RCE-Sicherheitslücke kapert mcp-remote-Clients
Das JFrog Security Research Team hat eine schwerwiegende Sicherheitslücke in mcp-remote entdeckt, die es Angreifern ermöglicht, Remote-Code-Ausführungen durchzuführen. Diese Schwachstelle könnte KI-Clients wie Claude Desktop gefährden und das gesamte System kompromittieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/rce-sicherheitslucke-mcp-remote