Tag: remote-code-execution
-
React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk
React2Shell exposes critical flaws that let attackers run code on millions of apps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/react2shell-rce-flaws-put-react-and-next-js-apps-at-severe-risk/
-
React2Shell RCE Flaws Put React and Next.js Apps at Severe Risk
React2Shell exposes critical flaws that let attackers run code on millions of apps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/react2shell-rce-flaws-put-react-and-next-js-apps-at-severe-risk/
-
Chained Synology BeeStation Vulnerabilities Enable Root Privilege Escalation via Task Scheduler Exploit
While preparing for Pwn2Own Ireland 2025, a security researcher revisiting N-day bugs in Synology NAS has demonstrated a powerful new twist on an existing Synology BeeStation (BST150-4T) exploit chain, achieving unauthenticated root Remote Code Execution (RCE) by abusing the system task scheduler instead of more traditional PHP-based payloads. The work builds on a BeeStation chain…
-
Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps
Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the Next.js framework, easy to exploit, but React is widely used, including in 39% of cloud environments. First seen on securityboulevard.com Jump to article:…
-
Critical React, Next.js flaw lets hackers execute code on servers
A maximum severity vulnerability, dubbed ‘React2Shell’, in the React Server Components (RSC) ‘Flight’ protocol allows remote code execution without authentication in React and Next.js applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-react2shell-flaw-in-react-nextjs-lets-hackers-run-javascript-code/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
WordPress Plugin Vulnerability Under Active Attack, Allowing Remote Code Execution
A severe remote code execution vulnerability in the Sneeit Framework WordPress plugin is under active exploitation, with attackers launching thousands of attacks within hours of public disclosure. WordPress site administrators must immediately update to version 8.4 or later to prevent complete site compromise. On June 10th, 2025, a remote code execution vulnerability was discovered in…
-
WordPress Plugin Vulnerability Under Active Attack, Allowing Remote Code Execution
A severe remote code execution vulnerability in the Sneeit Framework WordPress plugin is under active exploitation, with attackers launching thousands of attacks within hours of public disclosure. WordPress site administrators must immediately update to version 8.4 or later to prevent complete site compromise. On June 10th, 2025, a remote code execution vulnerability was discovered in…
-
WordPress Plugin Vulnerability Under Active Attack, Allowing Remote Code Execution
A severe remote code execution vulnerability in the Sneeit Framework WordPress plugin is under active exploitation, with attackers launching thousands of attacks within hours of public disclosure. WordPress site administrators must immediately update to version 8.4 or later to prevent complete site compromise. On June 10th, 2025, a remote code execution vulnerability was discovered in…
-
Developers urged to immediately upgrade React, Next.js
create-next-app and built for production is vulnerable without any specific code modifications by the developer,” Wiz also warns.The problem in React’s server package, designated CVE-2025-55182, is a logical deserialization vulnerability allowing the server to processes RSC payloads in an unsafe way. When a server receives a specially crafted, malformed payload, say Wiz researchers, it fails to validate the…
-
Kritische Schwachstelle in React (und Next.js)
In den React Server Components gibt es eine kritische RCE-Schwachstelle (CVE-2025-55182) mit einem CVSS-Score von 10.0. Die Schwachstelle hat nicht nur Auswirkungen auf die React Server Components (ein JavaScript-Framework zur Entwicklung von Web-Komponenten), sondern auch auf Next.js. React ist eine JavaScript-Programmbibliothek … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/04/kritische-schwachstelle-in-react-und-next-js/
-
RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments
Tags: access, ai, api, attack, automation, backdoor, cloud, exploit, flaw, google, malicious, open-source, openai, rce, remote-code-execution, risk, service, tool, vulnerabilityMultiple attack vectors: For this flaw to be exploited, the victim needs to clone the repository and run Codex on it and an attacker needs to have commit access to the repo or have their malicious pull request accepted.”Compromised templates, starter repos, or popular open-source projects can weaponize many downstream consumers with a single commit,”…
-
Stealth RCE in Codex Exposes Developer Workflows
A Codex CLI flaw lets attackers turn simple repo files into hidden execution triggers. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/stealth-rce-in-codex-exposes-developer-workflows/
-
4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack
ShadyPanda spent years hiding inside Google-verified extensions before unleashing an RCE backdoor that compromised 4.3 million users. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/4-3m-users-exposed-in-shadypandas-long-running-browser-hack/
-
Schwachstelle für Malware-Verteilung genutzt – Notfall-Update für kritische RCE-Sicherheitslücke in WSUS
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-notfall-patch-kritische-wsus-sicherheitsluecke-a-d338bab93ebc2563e1999cae18f17e00/
-
âš¡ Weekly Recap: Hot CVEs, npm Worm Returns, Firefox RCE, M365 Email Raid & More
Hackers aren’t kicking down the door anymore. They just use the same tools we use every day, code packages, cloud accounts, email, chat, phones, and “trusted” partners, and turn them against us.One bad download can leak your keys. One weak vendor can expose many customers at once. One guest invite, one link on a phone,…
-
PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed >>MonikerLink.
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Thwarts Russian-Linked…
-
Microsofts Update Health Tools (KB4023057) war per RCE angreifbar
Die Microsofts Update Health Tools (KB4023057) Deutsch “Integritätstools Windows Update Service-Komponenten” war in der Version 1.0 angreifbar und ermöglichte Remote Code Execution-Angriffe. In der Version 1.1 sind zumindest Systeme für den EU-Bereich geschützt, wenn ich es richtig interpretiere. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/30/microsofts-update-health-tools-kb4023057-war-per-rce-angreifbar/
-
Windows-Schwachstelle CVE-2025-59287 wird für ShadowPad-Malware-Verteilung per WSUS genutzt
In Windows Server gab es eine mit einem CVSS Score von 9.8 bewertete kritische RCE-Schwachstelle CVE-2025-59287 im WSUS-Teil, mit dem sich die Systeme übernehmen lassen. Die Schwachstelle wurde im Oktober 2025 mit Sicherheitsupdates geschlossen. Nun gibt es Berichte, dass Angreifer … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/28/windows-schwachstelle-cve-2025-59287-wird-fuer-shadowpad-malware-verteilung-per-wsus-genutzt/
-
Critical vLLM Flaw Puts AI Systems at Risk of Remote Code Execution
A critical flaw in vLLM allows attackers to crash AI servers or execute code remotely by sending malicious prompt embeddings to the Completions API. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/critical-vllm-flaw-puts-ai-systems-at-risk-of-remote-code-execution/
-
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments
Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerabilityFive newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments
Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerabilityFive newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
-
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments
Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerabilityFive newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
-
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments
Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerabilityFive newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…