remote code execution Archives

Malware & Threats

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

Ryan Naraine5 days ago

Malware & Threats

Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday

Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.

Ryan NaraineMarch 11, 2025

Malware & Threats

Adobe Plugs 45 Software Security Holes, Warns of Code Execution Risks

Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.

Ryan NaraineFebruary 11, 2025

Cloud Security

Veeam Warns of Critical Vulnerability in Service Provider Console

Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.

Ionut ArghireDecember 4, 2024

Vulnerabilities

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager.

Ryan NaraineOctober 16, 2024

Endpoint Security

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.

Ryan NaraineAugust 12, 2024

Network Security

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.

Ionut ArghireMay 21, 2024

Incident Response

Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin

The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin.

Ionut ArghireFebruary 26, 2024

Malware & Threats

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.”

Ryan NaraineFebruary 21, 2024

Phishing

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws

Microsoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector.

Ryan NaraineDecember 12, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "remote code execution"

Malware & Threats

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Malware & Threats

Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday

Malware & Threats

Adobe Plugs 45 Software Security Holes, Warns of Code Execution Risks

Cloud Security

Veeam Warns of Critical Vulnerability in Service Provider Console

Vulnerabilities

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

Endpoint Security

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Network Security

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

Incident Response

Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin

Malware & Threats

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

Phishing

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws

Featured

Supply Chain Security

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

Mobile & Wireless

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

Cloud Security

What’s Behind Google’s $32 Billion Wiz Acquisition?

Phishing

Scareware Combined With Phishing in Attacks Targeting macOS Users

Funding/M&A

Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash

Artificial Intelligence

ChatGPT Tool Vulnerability Exploited Against US Government Organizations

Artificial Intelligence

Nvidia Patches Vulnerabilities That Could Let Hackers Exploit AI Services

Latest News

Vulnerabilities

In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw

Data Breaches

Ransomware Group Claims Attack on Virginia Attorney General’s Office

Supply Chain Security

Watch on Demand: Supply Chain & Third-Party Risk Security Summit

Artificial Intelligence

New Jailbreak Technique Uses Fictional World to Manipulate AI

Nation-State

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

Cloud Security

Industry Reactions to Google Buying Wiz: Feedback Friday

Data Breaches

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

Daily Briefing Newsletter