Tag: remote-code-execution
-
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns
A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCore/image.c module. By specifying multiple consecutive format specifiers in a filename pattern for the magick mogrify command, an attacker can force internal…
-
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects multiple versions of the widely used enterprise endpoint management platform and has been rated with…
-
Wing FTP Vulnerability Actively Exploited Globally
Remote Code Execution Flaw Affects More Than 5,000 Servers. Threat actors are actively exploiting a critical vulnerability in a server file transfer solution. Researchers say the flaw in Wing FTP Server could allow threat actors to execute system-level commands remotely, using null byte and Lua injection without authentication. First seen on govinfosecurity.com Jump to article:…
-
âš¡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
Tags: compliance, cybersecurity, exploit, fortinet, macOS, malware, rce, remote-code-execution, risk, toolIn cybersecurity, precision matters”, and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real…
-
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 a critical SQL command injection vulnerability in Fortinet’s FortiWeb web … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/
-
WinRAR 0″‘Day Exploit Listed for $80K on Dark Web Forum
A sophisticated zero-day exploit targeting WinRAR, one of the world’s most popular file compression utilities, has surfaced on a dark web marketplace with a hefty price tag of $80,000. The previously unknown remote code execution (RCE) vulnerability affects both the latest and earlier versions of the widely-used software, raising significant concerns for millions of users…
-
Wing FTP Server flaw actively exploited shortly after technical details were made public
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30. Threat actors are exploiting a critical flaw, tracked as CVE-2025-47812 (CVSS score of 10), in Wing FTP Server that allows remote code execution with root/system privileges. Wing FTP Server is a secure and flexible file…
-
Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/13/week-in-review-microsoft-fixes-wormable-rce-bug-on-windows-check-for-citrixbleed-2-exploitation/
-
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-rce-flaw-in-wing-ftp-server/
-
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications.”Laravel’s APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub),” GitGuardian said. “If attackers get access to this key, they can exploit a deserialization flaw to…
-
Kritische RCE-Sicherheitslücke kapert mcp-remote-Clients
Das JFrog Security Research Team hat eine schwerwiegende Sicherheitslücke in mcp-remote entdeckt, die es Angreifern ermöglicht, Remote-Code-Ausführungen durchzuführen. Diese Schwachstelle könnte KI-Clients wie Claude Desktop gefährden und das gesamte System kompromittieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/rce-sicherheitslucke-mcp-remote
-
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploits-for-pre-auth-fortinet-fortiweb-rce-flaw-released-patch-now/
-
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called PerfektBlue. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/350m-cars-1b-devices-1-click-bluetooth-rce
-
CVSS 10 RCE in Wing FTP exploited within 24 hours, security researchers warn
Intruders looked up how to use curl mid-attack – rookie errors kept damage minimal First seen on theregister.com Jump to article: www.theregister.com/2025/07/11/1010_wing_ftp_bug_exploited/
-
JFrog entdeckt kritische RCE-Sicherheitslücke, die mcp-remote-Clients kapern kann
Das Tool mcp-remote gewann an Popularität in der KI-Community, als erste Remote-MCP-Server-Implementierungen aufgetaucht waren. Diese ermöglichten es LLM-Modellen, mit externen Daten und Tools zu interagieren. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-entdeckt-kritische-rce-sicherheitsluecke-die-mcp-remote-clients-kapern-kann/a41370/
-
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy’s BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors.The vulnerabilities, dubbed PerfektBlue, can be fashioned together as an exploit chain to run arbitrary code on cars from at least three major automakers,…
-
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/11/critical-wing-ftp-server-vulnerability-exploited-in-the-wild-cve-2025-47812/
-
Wing FTP Server RCE Vulnerability Under Active Exploitation
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s public disclosure. The flaw affects versions before 7.4.4 and can lead to root or SYSTEM-level remote code execution, prompting urgent calls for…
-
Laravel APP_KEY Flaw Exploited to Trigger Remote Code Execution on Hundreds of Apps
Tags: credentials, cyber, data, data-breach, exploit, flaw, framework, remote-code-execution, vulnerabilitySecurity researchers have uncovered a critical vulnerability in Laravel applications where exposed APP_KEY credentials are being actively exploited to achieve remote code execution (RCE) on hundreds of production systems. This widespread security flaw stems from Laravel’s automatic deserialization of decrypted data, combined with the framework’s numerous documented gadget chains that enable arbitrary command execution. Critical…
-
PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda
Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These flaws could…
-
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands.The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0.”The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it First seen…
-
PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/perfektblue-bluetooth-flaws-impact-mercedes-volkswagen-skoda-cars/
-
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed >>PerfektBlue
-
Critical Ruckus Wireless Flaws Threaten Enterprise Wi”‘Fi Security
Tags: authentication, cyber, flaw, healthcare, network, remote-code-execution, risk, software, vulnerabilityMultiple critical vulnerabilities discovered in Ruckus Wireless management products pose severe security risks to enterprise networks, with issues ranging from authentication bypass to remote code execution that could lead to complete system compromise. The vulnerabilities affect Virtual SmartZone (vSZ) and Network Director (RND) software used to manage large-scale wireless deployments across schools, hospitals, and smart…
-
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
Tags: attack, crypto, cve, cyber, data, exploit, flaw, hacker, intelligence, open-source, rce, remote-code-execution, threat, vulnerabilityThe AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed in Java for spatial data processing, became a prime target after the vulnerability was disclosed…
-
Critical mcp”‘remote Vulnerability Enables LLM Clients to Remote Code Execution
The JFrog Security Research team has discovered a critical security vulnerability in mcp-remote, a widely used tool that enables Large Language Model clients to communicate with remote servers, potentially allowing attackers to achieve full system compromise through remote code execution. Severe Security Flaw Affects Popular AI Tool CVE-2025-6514, rated with a critical CVSS score of…
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)
For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/09/microsoft-fixes-critical-wormable-windows-flaw-cve-2025-47981/