Topic: remote code execution

Sort by: Relevance | Date
  • Microsoft Silent as Hackers Exploit WSUS Server Bug
    October 28, 2025
    96%

    Microsoft Silent as Hackers Exploit WSUS Server Bug

    A critical Windows Server Update Services (WSUS) vulnerability (CVE-2025-59287) is being actively exploited, allowing attackers to execute arbitrary code and take full control of affected systems. Microsoft issued an emergency patch after an initial fix failed, but security researchers have alrea...

    Read More »
  • Critical WatchGuard Firebox Flaw Actively Exploited in Attacks
    December 21, 2025
    95%

    Critical WatchGuard Firebox Flaw Actively Exploited in Attacks

    A critical, unauthenticated remote code execution vulnerability (CVE-2025-14733) in WatchGuard Firebox firewalls is being actively exploited, requiring urgent patching. The flaw impacts numerous Firebox models and specific Fireware OS versions, primarily affecting systems using IKEv2 VPN, with a ...

    Read More »
  • Critical 'React2Shell' Vulnerability Exposes React.js
    December 6, 2025
    95%

    Critical 'React2Shell' Vulnerability Exposes React.js

    A critical vulnerability (CVE-2025-55182) in React.js and Next.js, dubbed React2Shell, allows unauthenticated remote code execution with a severity score of 10.0, posing a severe risk to servers. The flaw, exploitable via a simple HTTP request, impacts React Server Function endpoints and default ...

    Read More »
  • Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)
    December 5, 2025
    95%

    Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)

    A critical remote code execution vulnerability (CVE-2025-55182) affects React versions 19.0.0 through 19.2.0, requiring an immediate update to version 19.2.1. The flaw involves unsafe deserialization in React Server Components, impacting not only React but also major dependent frameworks like Nex...

    Read More »
  • Urgent: Actively Exploited WSUS Bug Now on CISA KEV List
    October 29, 2025
    95%

    Urgent: Actively Exploited WSUS Bug Now on CISA KEV List

    A critical security flaw (CVE-2025-59287) in Windows Server Update Services (WSUS) allows unauthenticated attackers to execute remote code with system privileges by exploiting the GetCookie() endpoint. The vulnerability is under active exploitation, prompting urgent patching by Microsoft and incl...

    Read More »
  • Urgent Microsoft WSUS Flaw Actively Exploited After Patch
    October 28, 2025
    95%

    Urgent Microsoft WSUS Flaw Actively Exploited After Patch

    A severe security vulnerability (CVE-2025-59287) in Microsoft's WSUS allows unauthenticated remote code execution with SYSTEM privileges, prompting an urgent out-of-band patch due to incomplete initial fixes. The flaw arises from unsafe deserialization via BinaryFormatter in the `GetCookie()` end...

    Read More »
  • Critical Redis Flaw Exposes Thousands of Instances
    October 8, 2025
    95%

    Critical Redis Flaw Exposes Thousands of Instances

    A critical security vulnerability (CVE-2025-49844) in Redis allows authenticated attackers to execute remote code via a use-after-free flaw in Lua scripting, posing a severe risk to systems. The flaw affects a vast number of organizations due to Redis's widespread use in cloud environments, and i...

    Read More »
  • Critical RCE Flaw in Western Digital My Cloud NAS (CVE-2025-30247)
    October 1, 2025
    95%

    Critical RCE Flaw in Western Digital My Cloud NAS (CVE-2025-30247)

    Western Digital has released a critical firmware update (version 5.31.108) to fix a severe remote code execution vulnerability (CVE-2025-30247) in multiple My Cloud NAS models, urging immediate installation to prevent unauthorized access and system takeover. The vulnerability is an OS command inj...

    Read More »
  • SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw
    September 24, 2025
    95%

    SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw

    SolarWinds has released an urgent hotfix for a critical, unauthenticated remote code execution vulnerability (CVE-2025-26399) in its Web Help Desk software, which poses a severe risk to affected systems. The flaw is a patch bypass for a previous vulnerability and stems from unsafe deserialization...

    Read More »
  • Critical Security Flaw in Commvault Backup Suite Allows Remote Code Execution
    August 21, 2025
    95%

    Critical Security Flaw in Commvault Backup Suite Allows Remote Code Execution

    A critical security vulnerability in on-premises Commvault deployments allows unauthenticated attackers to execute remote code by chaining four distinct flaws (CVE-2025-57788, CVE-2025-57789, CVE-2025-57790, and CVE-2025-57791). These vulnerabilities impact essential components like the Web Serve...

    Read More »
  • CISA Urges Immediate Patch for Critical Windows Server Flaw
    October 29, 2025
    94%

    CISA Urges Immediate Patch for Critical Windows Server Flaw

    A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) allows attackers to gain full SYSTEM-level control without user interaction, posing a severe threat to organizational networks. CISA has mandated federal agencies to patch the flaw within thre...

    Read More »
  • Sitecore Zero-Day Exploit Actively Attacked (CVE-2025-53690)
    September 6, 2025
    92%

    Sitecore Zero-Day Exploit Actively Attacked (CVE-2025-53690)

    A critical zero-day vulnerability (CVE-2025-53690) in Sitecore on-premises deployments is being actively exploited, allowing unauthorized access and remote code execution. Attackers leverage a known sample ASP.NET machine key to exploit ViewState deserialization, enabling them to deploy malware, ...

    Read More »
  • Patch Now: Critical MongoDB RCE Flaw Demands Immediate Action
    December 27, 2025
    90%

    Patch Now: Critical MongoDB RCE Flaw Demands Immediate Action

    A critical, high-severity vulnerability (CVE-2025-14847) in MongoDB allows unauthenticated attackers to remotely execute code by exploiting a flaw in the zlib compression implementation. Administrators must immediately upgrade to specific patched versions (e.g., MongoDB 8.2.3) or, as a workaround...

    Read More »
  • Urgent: WatchGuard Firewalls Targeted by Critical Attack (CVE-2025-14733)
    December 24, 2025
    90%

    Urgent: WatchGuard Firewalls Targeted by Critical Attack (CVE-2025-14733)

    Over 115,000 WatchGuard Firebox firewalls are actively being targeted via a critical, unauthenticated remote code execution flaw (CVE-2025-14733) in the Fireware OS's IKED process. The U.S. CISA has mandated patching due to active exploitation, requiring an immediate upgrade to specific fixed Fir...

    Read More »
  • Microsoft Patches 3 Zero-Days, 57 Flaws in December Update
    December 11, 2025
    90%

    Microsoft Patches 3 Zero-Days, 57 Flaws in December Update

    Microsoft's December 2025 Patch Tuesday addressed 57 vulnerabilities, including three critical remote code execution flaws and three zero-day issues. One zero-day (CVE-2025-62221) is actively exploited, allowing local privilege escalation, while two others were publicly disclosed before patching....

    Read More »
  • RondoDox Botnet Exploits Critical XWiki Server Flaw
    November 19, 2025
    90%

    RondoDox Botnet Exploits Critical XWiki Server Flaw

    The RondoDox botnet malware is actively exploiting a critical remote code execution vulnerability (CVE-2025-24893) in XWiki Platform, as confirmed by U.S. cybersecurity authorities and VulnCheck. This malware uses manipulated HTTP requests to inject and execute malicious code, downloading scripts...

    Read More »
  • Urgent: Critical Web Panel Flaw Actively Exploited (CVE-2025-48703)
    November 8, 2025
    90%

    Urgent: Critical Web Panel Flaw Actively Exploited (CVE-2025-48703)

    A critical security vulnerability (CVE-2025-48703) in Control Web Panel (CWP) is being actively exploited, posing a severe threat to web hosting environments and prompting its addition to CISA's Known Exploited Vulnerabilities catalog. The flaw is an OS command injection that allows unauthenticat...

    Read More »
  • Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)
    October 31, 2025
    90%

    Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)

    A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) is being actively exploited, allowing attackers to install information-stealing malware on unpatched systems. The flaw stems from unsafe deserialization of untrusted data, enabling unauthentic...

    Read More »
  • Abandoned Rust Library Flaw Sparks RCE Attack Risk
    October 28, 2025
    90%

    Abandoned Rust Library Flaw Sparks RCE Attack Risk

    A critical security vulnerability (CVE-2025-62518) in the abandoned async-tar and tokio-tar Rust libraries allows remote code execution via desynchronization during TAR archive extraction, enabling attackers to insert malicious entries without authentication. The flaw, named TARmageddon, arises f...

    Read More »
  • Active Attacks Exploit Critical WSUS Flaw in Windows Server
    October 25, 2025
    90%

    Active Attacks Exploit Critical WSUS Flaw in Windows Server

    Actively exploited critical vulnerabilities (CVE-2025-59287) in Windows Server Update Services (WSUS) allow remote code execution and system takeover, requiring immediate emergency patching. Microsoft has released out-of-band security updates for all affected Windows Server versions and recommend...

    Read More »
  • Microsoft Fixes Critical WSUS Flaw Under Active Attack
    October 25, 2025
    90%

    Microsoft Fixes Critical WSUS Flaw Under Active Attack

    Microsoft has released an emergency patch for a critical, actively exploited vulnerability (CVE-2025-59287) in Windows Server Update Services, allowing unauthorized remote code execution without user interaction. The flaw is wormable and could enable attackers to take control of WSUS servers, pot...

    Read More »
  • Urgent WSUS Vulnerability: Patch Windows Server Now
    October 25, 2025
    90%

    Urgent WSUS Vulnerability: Patch Windows Server Now

    A critical security flaw (CVE-2025-59287) in Microsoft's WSUS allows unauthorized remote code execution with system-level privileges, affecting multiple Windows Server versions. The vulnerability stems from the deserialization of untrusted data, enabling attackers to fully compromise servers, pro...

    Read More »
  • Microsoft Patches 6 Zero-Day Exploits in Critical October Update
    October 20, 2025
    90%

    Microsoft Patches 6 Zero-Day Exploits in Critical October Update

    Microsoft's October 2025 Patch Tuesday addresses 172 vulnerabilities, including six actively exploited zero-days and eight critical-rated flaws, with a focus on remote code execution and privilege escalation risks. Windows 10 has reached its end of support, requiring users to enroll in Extended S...

    Read More »
  • SolarWinds Patches Critical RCE Flaw in Web Help Desk
    September 25, 2025
    90%

    SolarWinds Patches Critical RCE Flaw in Web Help Desk

    SolarWinds has released a critical update for its Web Help Desk software to patch CVE-2025-26399, an unauthenticated remote code execution vulnerability requiring immediate action to prevent system compromise. The flaw, located in the AjaxProxy class, allows remote attackers to execute arbitrary ...

    Read More »
  • WatchGuard Issues Critical Firewall Vulnerability Alert
    September 19, 2025
    90%

    WatchGuard Issues Critical Firewall Vulnerability Alert

    WatchGuard has disclosed a critical remote code execution vulnerability (CVE-2025-9242) in its Firebox firewalls, allowing unauthenticated attackers to run arbitrary code on affected devices. The flaw impacts Fireware OS versions 11.x, 12.x, and 2025.1, specifically when IKEv2 VPN is configured, ...

    Read More »
  • AI-Powered Cursor IDE at Risk of Prompt Injection Attacks
    August 2, 2025
    90%

    AI-Powered Cursor IDE at Risk of Prompt Injection Attacks

    A critical security flaw (CVE-2025-54135) in Cursor IDE, dubbed CurXecute, allows remote code execution via manipulated AI prompts, risking unauthorized system access. Attackers can exploit the Model Context Protocol (MCP) by injecting malicious prompts through third-party servers (e.g., Slack), ...

    Read More »
  • Patch Now: FortiWeb Pre-Auth RCE Exploits Released
    July 13, 2025
    90%

    Patch Now: FortiWeb Pre-Auth RCE Exploits Released

    A critical vulnerability (CVE-2025-25257, 9.8/10 severity) in Fortinet's FortiWeb WAF allows unauthenticated remote code execution via SQL injection, requiring immediate patching. Exploits leverage improper SQL sanitization in the Fabric Connector, enabling attackers to inject malicious commands ...

    Read More »
  • Active Exploits Target Critical Wing FTP Server Flaw (CVE-2025-47812)
    July 12, 2025
    90%

    Active Exploits Target Critical Wing FTP Server Flaw (CVE-2025-47812)

    A critical remote code execution flaw (CVE-2025-47812) in Wing FTP Server is being actively exploited, allowing unauthenticated attackers to execute arbitrary system commands with elevated privileges. The vulnerability stems from improper input validation in Wing FTP's web interfaces, enabling Lu...

    Read More »
  • Critical Veeam Flaws Let Hackers Execute Code on Backup Servers
    January 8, 2026
    88%

    Critical Veeam Flaws Let Hackers Execute Code on Backup Servers

    Veeam has released a critical security patch for its Backup & Replication software to address a high-severity remote code execution vulnerability (CVE-2025-59470) that requires privileged account access. The update fixes two additional vulnerabilities, including one allowing remote code execution...

    Read More »
  • RondoDox Botnet Breaches Next.js Servers via React2Shell Flaw
    January 2, 2026
    88%

    RondoDox Botnet Breaches Next.js Servers via React2Shell Flaw

    The RondoDox botnet is actively exploiting the critical React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, deploying malware and cryptocurrency miners. This campaign is part of the botnet's evolving, aggressive strategy, which also includes large-scale exploitation of vulne...

    Read More »
  • Critical RCE flaw exposes over 115,000 WatchGuard firewalls
    December 24, 2025
    88%

    Critical RCE flaw exposes over 115,000 WatchGuard firewalls

    A critical vulnerability (CVE-2025-14733) in WatchGuard Firebox firewalls allows unauthenticated attackers to remotely execute code, primarily affecting devices with IKEv2 VPN enabled. Over 117,000 unpatched devices remain exposed online, prompting urgent patches from WatchGuard and a CISA mandat...

    Read More »
  • Microsoft WSUS Patch Disables Windows Server Hotpatching
    November 5, 2025
    88%

    Microsoft WSUS Patch Disables Windows Server Hotpatching

    Microsoft's emergency security update KB5070881, intended to fix a critical remote code execution vulnerability (CVE-2025-59287), inadvertently disrupted hotpatching on some Windows Server 2025 systems, forcing them to require restarts for updates. The update was quickly blocked for hotpatch-enab...

    Read More »
  • Active Attack Exploits Critical Adobe Commerce, Magento Flaw
    October 24, 2025
    88%

    Active Attack Exploits Critical Adobe Commerce, Magento Flaw

    Security researchers have identified active exploitation of a critical Adobe Commerce and Magento vulnerability (CVE-2025-54236, SessionReaper), which allows attackers to hijack customer accounts and potentially execute remote code, with over 250 attack attempts blocked in a single day. The vulne...

    Read More »
  • Gladinet patches critical zero-day flaw in file-sharing software
    October 17, 2025
    88%

    Gladinet patches critical zero-day flaw in file-sharing software

    Gladinet has released a critical security update for CentreStack to address CVE-2025-11371, a zero-day vulnerability that allowed attackers to bypass protections and execute remote code on systems. The flaw, discovered by Huntress, involved inadequate input sanitization enabling directory travers...

    Read More »
  • Exploit Alert: Critical Adobe Experience Manager Flaw (CVE-2025-54253)
    October 17, 2025
    88%

    Exploit Alert: Critical Adobe Experience Manager Flaw (CVE-2025-54253)

    A critical security flaw (CVE-2025-54253) in Adobe Experience Manager Forms allows unauthenticated attackers to execute remote code, prompting CISA to flag it due to active exploitation. The vulnerability arises from Apache Struts "devMode" being enabled in the administrative interface combined w...

    Read More »
  • Urgent: 50,000 Cisco Firewalls at Risk From Active Attacks
    October 1, 2025
    88%

    Urgent: 50,000 Cisco Firewalls at Risk From Active Attacks

    Attackers are actively exploiting critical vulnerabilities CVE-2025-20333 and CVE-2025-20362 in around 50,000 Cisco ASA and FTD devices, enabling unauthorized remote code execution and access without authentication. Over 48,800 internet-facing devices remain unpatched, primarily in the U.S., with...

    Read More »
  • Fortra GoAnywhere MFT Zero-Day Actively Exploited
    September 27, 2025
    88%

    Fortra GoAnywhere MFT Zero-Day Actively Exploited

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT was exploited for over a week before a patch was released on September 18, 2025, allowing attackers to achieve remote code execution. The flaw, a deserialization vulnerability with a CVSS score of 10.0, enabled threat actors to ...

    Read More »
  • CISA Mandates Urgent Patching for Actively Exploited Cisco Zero-Day Flaws
    September 27, 2025
    88%

    CISA Mandates Urgent Patching for Actively Exploited Cisco Zero-Day Flaws

    CISA has issued an emergency directive requiring U.S. federal agencies to immediately address two actively exploited critical vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco ASA and FTD firewalls, which allow unauthenticated remote code execution. Agencies must inventory all affected...

    Read More »
  • Hackers Breach Federal Agency via GeoServer Flaw, CISA Warns
    September 24, 2025
    88%

    Hackers Breach Federal Agency via GeoServer Flaw, CISA Warns

    A critical vulnerability (CVE-2024-36401) in GeoServer was exploited to breach a U.S. federal agency's network after attackers compromised an unpatched server. The attackers moved laterally from the initial entry point, deploying malicious tools like China Chopper and using brute force attacks to...

    Read More »
  • CISA Warns of Active Dassault RCE Exploit—Patch Now
    September 13, 2025
    88%

    CISA Warns of Active Dassault RCE Exploit—Patch Now

    A critical remote code execution vulnerability (CVE-2025-5086) is being actively exploited in Dassault Systèmes' DELMIA Apriso software, affecting versions from 2020 to 2025. The flaw, caused by unsafe deserialization, allows attackers to execute arbitrary code via malicious SOAP requests, with e...

    Read More »
  • DELMIA Factory Software Under Active Attack: Critical Vulnerability Exploited
    September 13, 2025
    88%

    DELMIA Factory Software Under Active Attack: Critical Vulnerability Exploited

    A critical vulnerability (CVE-2025-5086) in DELMIA Apriso manufacturing software is being actively exploited, posing a major risk to global manufacturing sectors. The flaw, with a high CVSS score of 9.0, allows remote code execution and affects all releases from 2020 to 2025, prompting urgent pat...

    Read More »
  • Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates
    September 11, 2025
    88%

    Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates

    The September 2025 Patch Tuesday included critical security updates from Microsoft, Adobe, and SAP, addressing numerous vulnerabilities not currently under active exploitation. Microsoft patched over 80 flaws, including a privilege escalation issue in Windows NTLM and a high-risk remote code exec...

    Read More »
  • Critical Git RCE Flaw (CVE-2025-48384) Actively Exploited by Attackers
    August 27, 2025
    88%

    Critical Git RCE Flaw (CVE-2025-48384) Actively Exploited by Attackers

    A critical Git vulnerability (CVE-2025-48384) allows arbitrary code execution via maliciously crafted submodules, affecting macOS and Linux systems. CISA has confirmed active exploitation and mandated federal agencies to patch by September 15, 2025, with fixed Git versions released on July 8, 202...

    Read More »
  • Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)
    August 29, 2025
    87%

    Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)

    Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for remote code execution and denial of service. Citrix has released security updates for affected versions and strongly advises immediate patching,...

    Read More »
  • $3.2M Awarded for 11 Zero-Day Cloud Vulnerabilities
    December 19, 2025
    85%

    $3.2M Awarded for 11 Zero-Day Cloud Vulnerabilities

    The inaugural Zeroday Cloud cybersecurity competition awarded over $300,000 for the discovery of 11 zero-day vulnerabilities in major cloud platforms, highlighting persistent security challenges in complex cloud environments. A critical container escape flaw in the Linux kernel was uncovered, pos...

    Read More »
  • Hackers Exploit Gladinet CentreStack Flaw for RCE Attacks
    December 13, 2025
    85%

    Hackers Exploit Gladinet CentreStack Flaw for RCE Attacks

    A critical security flaw in Gladinet's CentreStack and Triofox platforms, due to hardcoded AES encryption keys, allows attackers to forge authentication tickets and gain remote code execution on servers. Attackers are actively exploiting this vulnerability, combining it with a known local file in...

    Read More »
  • Patch Now: CISA Warns of Active Oracle Identity Manager Attack
    November 27, 2025
    85%

    Patch Now: CISA Warns of Active Oracle Identity Manager Attack

    A critical vulnerability (CVE-2025-61757) in Oracle Identity Manager is being actively exploited, allowing unauthenticated attackers to execute arbitrary code via HTTP. CISA has urgently added this flaw to its Known Exploited Vulnerabilities catalog, advising immediate patching or isolation of af...

    Read More »
  • Zero-Day Attack Hits Gladinet File Sharing Software
    October 22, 2025
    85%

    Zero-Day Attack Hits Gladinet File Sharing Software

    A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...

    Read More »
  • Urgent: CISA Warns of Active Attacks on Critical Adobe Flaw
    October 17, 2025
    85%

    Urgent: CISA Warns of Active Attacks on Critical Adobe Flaw

    CISA has issued a critical alert about active exploitation of a maximum-severity vulnerability (CVE-2025-54253) in Adobe Experience Manager, allowing attackers to execute malicious code on unpatched systems. The flaw, discovered by security researchers, enables unauthenticated attackers to bypass...

    Read More »
  • Microsoft Secures IE Mode After Hackers Exploit Legacy Backdoor
    October 16, 2025
    85%

    Microsoft Secures IE Mode After Hackers Exploit Legacy Backdoor

    Microsoft has strengthened Internet Explorer mode security in Edge after attackers exploited zero-day vulnerabilities in August 2025, using social engineering to compromise systems. Attackers tricked users into reloading pages in IE mode, leveraging Chakra engine exploits for remote code executio...

    Read More »

Related Topics

vulnerability exploitation (14) patch management (13) active exploitation (12) privilege escalation (12) cybersecurity threats (10) security updates (10) proof-of-concept exploit (10) threat actors (10)