RCE

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

Red-Team

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

The latest Metasploit Framework update introduces significant improvements for Active Directory Certificate Services (AD CS) exploitation, particularly...

News

Popular LLMs Generate Vulnerable Code by Default: Risks and Mitigations

A recent study by Backslash Security reveals that popular large language models (LLMs) frequently produce code containing...

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Threat Intelligence

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

The SANS Internet Storm Center (ISC) Stormcast for April 25, 2025, highlights critical cybersecurity developments, including SMS...

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

Threat Intelligence

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

A widespread malware campaign targeting iPhone users has escalated, with security experts warning of a surge in...

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

CVE News

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Security researcher Alessandro Sgreccia (aka “rainpwn”) has disclosed critical vulnerabilities in Zyxel’s USG FLEX-H firewall series, enabling...

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

CVE News

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

Organizations using Commvault’s backup and recovery software are under immediate threat due to an actively exploited pre-authenticated...

New Cryptojacking Campaign Exploits Docker with Advanced Evasion Techniques

Malware Analysis

New Cryptojacking Campaign Exploits Docker with Advanced Evasion Techniques

A newly discovered cryptojacking campaign is targeting Docker environments using sophisticated evasion techniques to deploy cryptocurrency miners...

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

CVE News

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

A critical vulnerability (CVE-2025-2764) in CarlinKit CPC200-CCPA devices allows network-adjacent attackers to bypass cryptographic signature checks and...

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

CVE News

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

A critical vulnerability (CVE-2025-1049) affecting Sonos Era 300 speakers has been disclosed, allowing network-adjacent attackers to execute...

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Threat Intelligence

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

Attackers are increasingly exploiting older, resurgent vulnerabilities—flaws that were patched years ago but remain unaddressed in many...

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

CVE News

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Multiple critical vulnerabilities have been identified in the TP-Link VN020 F3v(T) router running firmware version TT_V6.2.1021, exposing...

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

CVE News

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

A critical authentication bypass vulnerability (CVE-2022-40684) affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager has been actively exploited since...

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

CVE News

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

A critical remote code execution vulnerability has been identified in Dell EMC’s Integrated Dell Remote Access Controller...

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

CVE News

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

A critical vulnerability in compop.ca version 3.5.3 has been disclosed, allowing arbitrary code execution due to an...

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

CVE News

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

A critical Remote Code Execution (RCE) vulnerability has been identified in ASUS ASMB8 iKVM firmware versions ≤1.14.51,...

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

CVE News

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

A critical vulnerability in NagVis 1.9.33, tracked as CVE-2022-46945, allows unauthenticated attackers to read arbitrary files via...

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

CVE News

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

A critical unauthenticated Cross-Site Scripting (XSS) vulnerability has been identified in ABB Cylon Aspect firmware version 4.00.00,...

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Blue-Team

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Microsoft has addressed a critical issue causing Remote Desktop Protocol (RDP) sessions to freeze on Windows Server...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Posts pagination

Previous 1 2 3 4 5 6 7 8 9 Next

RCE

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

Popular LLMs Generate Vulnerable Code by Default: Risks and Mitigations

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

Critical Zyxel USG FLEX-H Firewall Vulnerabilities Expose Networks to Pre-Auth RCE

Critical Commvault RCE Vulnerability (CVE-2025-34028) Exploited in the Wild

New Cryptojacking Campaign Exploits Docker with Advanced Evasion Techniques

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution

Sonos Era 300 Vulnerability (CVE-2025-1049): Heap-Based Buffer Overflow Enables Remote Code Execution

Resurgent Vulnerabilities Pose Unique Risks to Edge Devices and Critical Infrastructure

TP-Link VN020 F3v(T) Router Vulnerabilities: Remote DoS and RCE Risks

Critical Authentication Bypass in Fortinet Products (CVE-2022-40684): Analysis and Mitigation

Critical Remote Code Execution Vulnerability in Dell EMC iDRAC7/iDRAC8 (CVE-2018-1207)

compop.ca 3.5.3 Arbitrary Code Execution Vulnerability (CVE-2024-48445)

Critical RCE Vulnerability in ASUS ASMB8 iKVM Firmware (CVE-2023-26602)

NagVis 1.9.33 Arbitrary File Read Vulnerability (CVE-2022-46945): Analysis and Mitigation

Unauthenticated XSS Vulnerability in ABB Cylon Aspect 4.00.00

Microsoft Resolves Remote Desktop Freezing Issues in Windows Server 2025 and Windows 11 24H2

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

You may have missed

Windows 11 22H2 End of Support: Key Dates and Security Implications

WeTransfer’s AI Training Policy Reversal: A Security and Trust Analysis

The Arctic World Archive: A Cold Storage Solution for Digital Heritage

EE Network Outage: Technical Fault Disrupts Voice Services for Multiple Days