Tag: remote-code-execution
-
The Toxic Cloud Trilogy: Why Your Workloads Are a Ticking Time Bomb
Tags: access, attack, breach, business, cloud, container, credentials, cve, data, data-breach, detection, exploit, group, iam, identity, infrastructure, Internet, least-privilege, mitigation, monitoring, network, remote-code-execution, risk, service, vulnerabilityDon’t let hidden cloud risks become tomorrow’s headline breach. The time to dismantle the toxic cloud trilogy is now. Here’s how Tenable Cloud Security can help. In today’s cloud environments, individual misconfigurations or vulnerabilities are dangerous, but it’s their combinations that can lead to catastrophic breaches. The Tenable Cloud Security Risk Report 2025 reveals that…
-
Hundreds of MCP Servers at Risk of RCE and Data Leaks
Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mcp-servers-risk-rce-data-leaks/
-
Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-rce-flaws-in-identity-services-engine/
-
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects…
-
Cisco fixed critical ISE flaws allowing Root-level remote code execution
Cisco released patches to address two critical vulnerabilities in ISE and ISE-PIC that could let remote attackers execute to code as root. Cisco addressed two critical vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow remote, unauthenticated attackers to execute arbitrary code with root…
-
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hundreds-mcp-servers-ai-models-abuse-rce
-
Critical Kibana Flaws Enable Heap Corruption and Remote Code Execution
A critical security flaw has been uncovered in Kibana, the popular data visualization platform for the Elastic Stack, exposing organizations to severe risks of heap corruption and potential remote code execution. The vulnerability, tracked as CVE-2025-2135, carries a CVSS v3.1 score of 9.9, marking it as a critical threat that requires immediate attention from both…
-
CentOS Web Panel Vulnerability Allows Remote Code Execution PoC Released
A critical security vulnerability has been discovered in CentOS Web Panel (CWP), a widely used web hosting management solution. The flaw, tracked as CVE-2025-48703, allows unauthenticated attackers to execute arbitrary commands on affected systems, potentially leading to full server compromise. A proof-of-concept (PoC) exploit demonstrating remote code execution (RCE) has been publicly released, raising concerns…
-
Critical Convoy Flaw Allows Remote Code Execution on Servers
A critical vulnerability (CVE-2025-52562) in Performave Convoy”, a KVM server management panel widely used by hosting providers”, enables unauthenticated attackers to execute arbitrary code on affected systems. Rated the maximum CVSS score of 10.0, this flaw exposes servers to complete compromise without requiring authentication. Vulnerability Summary According to the Github report, the flaw resides in…
-
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/24/high-risk-winrar-rce-flaw-patched-update-quickly-cve-2025-6218/
-
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
Tags: cve, cvss, cyber, exploit, flaw, malicious, remote-code-execution, risk, vulnerability, windowsA newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code execution (RCE) attacks. Tracked as CVE-2025-6218 and assigned a CVSS score of 7.8 (High), this flaw allows attackers to execute arbitrary code simply by convincing a victim to open a…
-
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
Tags: attack, authentication, cloud, cyber, flaw, injection, mandiant, password, RedTeam, remote-code-execution, software, vulnerabilityA Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller”, cloud networking software used to manage multi-cloud environments. The flaws enable full system compromise through an authentication bypass (CVE-2025-2171) followed by authenticated command injection (CVE-2025-2172). Authentication Bypass (CVE-2025-2171) The attack chain begins with a weak password reset mechanism. Attackers can brute-force 6-digit…
-
Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability
Zyxel users beware: A critical remote code execution flaw (CVE-2023-28771) in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting devices globally. First seen on hackread.com Jump to article: hackread.com/zyxel-devices-active-exploits-cve-2023-28771-vulnerability/
-
ClamAV 1.4.3 and 1.0.9 Released with Fixes for Critical Remote Code Execution Vulnerability
The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise system integrity. Alongside these patches, the team has introduced Linux aarch64 (ARM64) RPM and DEB installer packages for the 1.4 LTS release, broadening compatibility for users on ARM-based architectures. The release…
-
Veeam Backup Replication: Critical RCE Patched
Summary On June 1 7, data resilience vendor Veeam released security updates to fix three vulnerabilities: one critical severity RCE and one high severity ACE First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/06/18/veeam-backup-replication-critical-rce-patched/
-
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions.The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.”A vulnerability allowing remote code execution (RCE) on the Backup Server by…
-
New Veeam RCE flaw lets domain users hack backup servers
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/
-
Sitecore CMS exploit chain starts with hardcoded ‘b’ password
A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/
-
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Tags: attack, control, exploit, malicious, monitoring, open-source, pypi, rce, remote-code-execution, supply-chainProtection needs a multi-layered approach: Experts are treating the chimera-sandbox-extension incident as more than just another malicious package takedown. While JFrog acted quickly”, alerting PyPI maintainers, removing the package, and updating its Xray scannerresearchers agree that a one-time fix isn’t enough.”Within the last five years, attackers have leveraged PyPI and other package managers to exploit…
-
BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code
Tags: access, advisory, cve, cyber, cybersecurity, flaw, injection, rce, remote-code-execution, tool, vulnerabilityA newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the cybersecurity community. The flaw, tracked as CVE-2025-5309 and detailed in advisory BT25-04, allows attackers to execute arbitrary code on affected servers via a Server-Side Template Injection (SSTI) vulnerability in the chat feature. With a CVSSv4…
-
Critical Vulnerabilities in Sitecore Could Lead to Widespread Enterprise Attacks
A series of newly disclosed critical vulnerabilities in the Sitecore Experience Platform (XP) have raised alarm across the enterprise technology sector, with security researchers warning that unpatched systems could be exposed to devastating remote code execution (RCE) attacks. Sitecore, a widely adopted content management system (CMS) used by major enterprises”, including banks, airlines, and Fortune…
-
Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Tags: cybersecurity, flaw, password, rce, remote-code-execution, risk, software, tool, vulnerabilityCybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution.Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports.The list of vulnerabilities, which are yet to be First seen on…
-
Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chained-flaws-cms-sitecore-rce/
-
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. >>Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks.On June 16, GreyNoise observed…
-
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Tags: ai, attack, botnet, cybersecurity, ddos, exploit, flaw, malware, rce, remote-code-execution, vulnerabilityCybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.”Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed First seen…
-
Hackers Weaponize Langflow Vulnerability to Launch Flodrix Botnet
Tags: ai, botnet, cve, cvss, cyber, cybercrime, exploit, flaw, framework, hacker, remote-code-execution, vulnerabilityA critical security flaw in Langflow, a widely adopted Python-based AI prototyping framework, is being actively exploited by cybercriminals to deploy the rapidly evolving Flodrix botnet. Security researchers have confirmed that attackers are exploiting CVE-2025-3248, a remote code execution (RCE) vulnerability rated 9.8 on the CVSS scale, to compromise unpatched Langflow servers and enlist them…
-
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
Tags: attack, control, cve, cyber, cyberattack, exploit, firewall, flaw, hacker, Internet, rce, remote-code-execution, vpn, vulnerability, zyxelA sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500″, the Internet Key Exchange (IKE) packet decoder”, to remotely inject system commands and potentially seize…
-
Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer
Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. Trend Micro address remote code execution and authentication bypass vulnerabilities impacting its Endpoint Encryption (TMEE) PolicyServer and Apex Central solutions. Trend Micro Endpoint Encryption PolicyServer is a centralized management server used in Trend Micro’s Endpoint Encryption solution. It acts…
-
WebDAV Remote Code Execution 0-Day Actively Exploited, PoC Released
A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks…