Tag: remote-code-execution
-
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it’s just… a lot? Yeah. This week delivered. We’ve got hackers getting creative in ways that are almost impressive if you ignore the whole “crime” part, ancient vulnerabilities somehow still ruining people’s days, and enough supply chain drama to fill a…
-
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Tags: advisory, api, attack, best-practice, cloud, container, cve, cvss, cyber, data, exploit, firewall, firmware, flaw, framework, github, Internet, malicious, microsoft, mitigation, office, powershell, rce, remote-code-execution, service, software, sql, startup, tool, update, vulnerability, windows, zero-day8Critical 154Important 1Moderate 0Low Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. Microsoft patched 163 CVEs in its April 2026 Patch Tuesday release, with eight rated critical, 154 rated as important and one rated as moderate. This is the second…
-
Attackers target unpatched ShowDoc servers via CVE-2025-0520
A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…
-
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
Tags: attack, cyber, cybersecurity, exploit, flaw, hacker, rce, remote-code-execution, risk, software, vulnerabilityCybersecurity researchers have highlighted a critical vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams. Tracked as CNVD-2020-26585, this severe security flaw allows unauthenticated remote code execution (RCE) on compromised servers. The vulnerability poses a significant risk to organizations relying on outdated versions of the software for internal collaboration, as it…
-
Hackers Exploit Kali Forms Vulnerability to Take Over WordPress Sites
A recently disclosed Kali Forms vulnerability affecting a widely used WordPress plugin has escalated into an active security threat, enabling unauthenticated attackers to achieve Remote Code Execution on affected websites. The flaw impacts Kali Forms, a drag-and-drop form builder with more than 10,000 active installations, and has already been exploited in the wild shortly after…
-
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild.The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0.It relates to a case of unrestricted file upload that stems from improper validation of First…
-
EUVD-2025-34630 / CVE-2025-53521 – Schwachstelle für RCE-Angriffe auf F5 BIG-IP aktiv missbraucht
First seen on security-insider.de Jump to article: www.security-insider.de/f5-big-ip-apm-kritische-rce-cve-2025-53521-a-6cca6e8b034b3416540dc3ee3590d1fb/
-
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
Tags: access, advisory, ai, api, attack, authentication, breach, cloud, credentials, cve, data-breach, exploit, firewall, flaw, Internet, open-source, rce, remote-code-execution, software, theft, tool, update, vulnerabilityCredentials stolen in under three minutes: To track real-world exploitation, deployed honeypot servers running vulnerable Marimo instances across multiple cloud providers and observed the first exploitation attempt within 9 hours and 41 minutes of disclosure. No ready-made exploit tool existed at the time. The attacker had built one using only the advisory description, Sysdig researchers…
-
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution (RCE) and full cloud infrastructure compromise. Tracked as CVE-2026-40175, this flaw carries a critical CVSS 3.1 score of 9.9 and allows attackers to bypass AWS IMDSv2 security controls to exfiltrate sensitive…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
Marimo RCE Flaw Exploited Within Hours of Disclosure
A Marimo RCE flaw is being exploited within hours, giving attackers unauthenticated access to sensitive systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/marimo-rce-flaw-exploited-within-hours-of-disclosure/
-
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-marimo-pre-auth-rce-flaw-now-under-active-exploitation/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2 Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) Hackers Are Attempting to Turn ComfyUI Servers Into a…
-
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9…
-
Claude uncovers a 13″‘year”‘old ActiveMQ RCE bug within minutes
AI accelerated discovery: ActiveMQ has been here before. The platform has a track record of high-impact vulnerabilities tied to management surfaces and unsafe assumptions around trusted inputs. From older web console flaws to deserialization bugs and protocol-level RCEs, administrative functionalities have consistently become attack vectors.But none of the previous flaws were found the way CVE-2026-34197…
-
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig.The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including First seen on…
-
AWS Fixes Severe RCE, Privilege Escalation Flaws in Research and Engineering Studio
AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web portal that allows administrators to create and manage secure cloud-based research environments. Security researchers identified three major flaws in the platform that could lead to remote code execution (RCE) and privilege escalation. If…
-
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/apache-activemq-rce-vulnerability-cve-2026-34197-claude/
-
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should’ve been caught sooner but weren’t.This one’s got some range, old vulnerabilities getting new life, a few “why was that even possible” moments, attackers leaning on platforms and tools you’d normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter…
-
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.27 immediately First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flaw-ninja-forms-wordpress/
-
CVE-2026-25769: Critical Remote Code Execution in Wazuh via Unsafe Deserialization
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-25769-critical-remote-code-execution-in-wazuh-via-unsafe-deserialization
-
CVE-2026-25769: Critical Remote Code Execution in Wazuh via Unsafe Deserialization
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-25769-critical-remote-code-execution-in-wazuh-via-unsafe-deserialization
-
13-year-old bug in ActiveMQ lets hackers remotely execute commands
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/13-year-old-bug-in-activemq-lets-hackers-remotely-execute-commands/
-
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Tags: adobe, attack, cyber, exploit, hacker, intelligence, remote-code-execution, threat, vulnerability, zero-daySecurity researchers at EXPMON have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, first detected in the wild late last month, allows threat actors to silently steal local files, gather sensitive system information, and potentially deploy remote code execution (RCE) attacks against compromised machines. According to the threat intelligence…
-
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Tags: adobe, attack, cyber, exploit, hacker, intelligence, remote-code-execution, threat, vulnerability, zero-daySecurity researchers at EXPMON have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, first detected in the wild late last month, allows threat actors to silently steal local files, gather sensitive system information, and potentially deploy remote code execution (RCE) attacks against compromised machines. According to the threat intelligence…
-
Critical Flowise RCE Vulnerability Actively Exploited, Thousands of Systems at Risk
A critical Flowise RCE vulnerability is now being actively exploited. The flaw, tracked as CVE-2025-59528, carries a maximum severity rating and enables attackers to execute arbitrary code on affected systems, potentially leading to full system compromise. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/flowise-rce-vulnerability-cve-2025-59528/
-
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked as CVE-2026-34197, this flaw allows attackers to force the message broker to download a remote configuration file and execute arbitrary operating system commands. While exploiting this typically requires administrator credentials, a separate…