RCE

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

CVE News

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

Microsoft’s August 2025 Patch Tuesday addresses 107 security vulnerabilities, including one actively exploited zero-day in Windows Kerberos....

Gemini AI Hijacking via Poisoned Google Calendar Invites: Technical Breakdown

Red-Team

Gemini AI Hijacking via Poisoned Google Calendar Invites: Technical Breakdown

Google has patched a critical vulnerability that allowed attackers to remotely compromise Gemini AI agents through malicious...

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

CVE News

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

A critical WinRAR vulnerability, tracked as CVE-2025-8088, was actively exploited as a zero-day in phishing campaigns to...

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

CVE News

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

Administrators and security teams are urged to patch CrushFTP servers immediately following active exploitation of a critical...

Arch Linux Removes Malicious AUR Packages Distributing Chaos RAT

Malware Analysis

Arch Linux Removes Malicious AUR Packages Distributing Chaos RAT

Arch Linux has removed three compromised packages from its Arch User Repository (AUR) after discovering they contained...

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

Malware Analysis

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

A new malware strain named LameHug has been discovered using large language models (LLMs) to dynamically generate...

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

CVE News

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

Proof-of-concept (PoC) exploits for a critical SQL injection (SQLi) vulnerability in Fortinet FortiWeb have been publicly released,...

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

CVE News

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

The developers of Gravity Forms, a widely used WordPress plugin with over 1 million active installations, have...

NVIDIA’s GDDR6 Rowhammer Mitigation Guidance: Technical Analysis and Industry Implications

Red-Team

NVIDIA’s GDDR6 Rowhammer Mitigation Guidance: Technical Analysis and Industry Implications

NVIDIA has issued guidance urging users to enable System Level Error-Correcting Code (ECC) protections for GDDR6-equipped GPUs...

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

CVE News

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

A critical vulnerability in OpenVSX, the open-source extension marketplace used by popular VS Code forks like Cursor...

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

CVE News

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

Four vulnerabilities in OpenSynergy’s BlueSDK Bluetooth stack, collectively dubbed PerfektBlue, have been identified as affecting vehicles from...

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

CVE News

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

Microsoft has released two critical cumulative updates for Windows 11 – KB5062553 for version 24H2 and KB5062552...

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

CVE News

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Microsoft’s July 2025 Patch Tuesday has released security updates addressing 137 vulnerabilities across its product line, including...

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

CVE News

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

A critical vulnerability affecting 689 Brother printer models, along with devices from Fujifilm, Toshiba, and Konica Minolta,...

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

CVE News

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

Cisco has issued an urgent security advisory regarding two critical remote code execution (RCE) vulnerabilities affecting its...

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

CVE News

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about attackers exploiting a high-severity vulnerability...

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

CVE News

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

BeyondTrust has issued critical security updates to address a high-severity Server-Side Template Injection (SSTI) vulnerability in its...

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

CVE News

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

A newly discovered vulnerability in the Linux udisks service (CVE-2025-6019) enables local attackers to escalate privileges to...

Critical RCE Vulnerability in Veeam Backup & Replication (CVE-2025-23120): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Veeam Backup & Replication (CVE-2025-23120): Analysis and Mitigation

Veeam has released urgent security updates to address a critical remote code execution (RCE) vulnerability in its...

Sitecore XP Exploit Chain: Hardcoded Credentials Lead to Unauthenticated RCE

CVE News

Sitecore XP Exploit Chain: Hardcoded Credentials Lead to Unauthenticated RCE

A critical vulnerability chain in Sitecore Experience Platform (XP) allows attackers to gain full server control starting...

Posts pagination

Previous 1 2 3 4 5 6 … 11 Next

RCE

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

Gemini AI Hijacking via Poisoned Google Calendar Invites: Technical Breakdown

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

Arch Linux Removes Malicious AUR Packages Distributing Chaos RAT

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

NVIDIA’s GDDR6 Rowhammer Mitigation Guidance: Technical Analysis and Industry Implications

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

Critical RCE Vulnerability in Veeam Backup & Replication (CVE-2025-23120): Analysis and Mitigation

Sitecore XP Exploit Chain: Hardcoded Credentials Lead to Unauthenticated RCE

You may have missed

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Quantum Route Redirect: A New PhaaS Platform Targeting Microsoft 365 Credentials

The LinkedIn Phishing Epidemic: Technical Analysis of Multi-Channel Attacks Targeting Executives

AI Infrastructure Expansion Fueled by Debt Raises Systemic Financial Risks