Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve…
Chinese Hackers Exploit SAP NetWeaver RCE Flaw
“A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP…
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack…
Craft CMS RCE exploit chain used in zero-day attacks to steal data
Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation…
Critical Erlang/OTP SSH pre-auth RCE is ‘Surprisingly Easy’ to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code…
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up…
Critical RCE flaws put Kubernetes clusters at risk of takeover
The Kubernetes project has released patches for five vulnerabilities in a widely used popular component called the Ingress…
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that…
‘Dead simple’ RCE exploit in Apache Tomcat under attack • The Register
A trivial flaw in Apache Tomcat that allows remote code execution and access to sensitive files is said…
This Week In Security: The X DDoS, The ESP32 Basementdoor, And The CamelCase RCE
We would be remiss if we didn’t address the X Distributed Denial of Service (DDoS) attack that’s been…