Latest RCE news

Maximum severity Flowmon bug has a public exploit, patch now

Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.
- Bill Toulas
- April 24, 2024
- 04:08 PM
- 0
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks

In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities.
- Sergiu Gatlan
- April 17, 2024
- 05:01 PM
- 0
Palo Alto Networks fixes zero-day exploited to backdoor firewalls

Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls.
- Sergiu Gatlan
- April 15, 2024
- 08:59 AM
- 1
Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks

Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw.
- Sergiu Gatlan
- April 08, 2024
- 06:17 PM
- 1
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.
- Bill Toulas
- April 05, 2024
- 01:40 PM
- 0
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways.
- Sergiu Gatlan
- April 03, 2024
- 01:29 PM
- 0
CISA tags Microsoft SharePoint RCE bug as actively exploited

CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.
- Sergiu Gatlan
- March 27, 2024
- 12:24 PM
- 0
Exploit released for Fortinet RCE bug used in attacks, patch now

Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
- Sergiu Gatlan
- March 21, 2024
- 11:17 AM
- 0
Fortinet warns of critical RCE bug in endpoint management software

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers.
- Sergiu Gatlan
- March 13, 2024
- 02:48 PM
- 0
Critical Fortinet flaw may impact 150,000 exposed devices

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.
- Ionut Ilascu
- March 08, 2024
- 03:37 PM
- 3
Critical TeamCity flaw now widely exploited to create admin accounts

Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday.
- Ionut Ilascu
- March 06, 2024
- 07:19 PM
- 0
Exploit available for new critical TeamCity auth bypass bug, patch now

A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions.
- Ionut Ilascu
- March 04, 2024
- 05:42 PM
- 0
ConnectWise urges ScreenConnect admins to patch critical RCE flaw

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks.
- Sergiu Gatlan
- February 20, 2024
- 11:48 AM
- 2
Hackers exploit critical RCE flaw in Bricks WordPress site builder

Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites.
- Bill Toulas
- February 19, 2024
- 12:55 PM
- 0
SolarWinds fixes critical RCE bugs in access rights audit solution

SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation.
- Sergiu Gatlan
- February 16, 2024
- 01:32 PM
- 0
New critical Microsoft Outlook RCE bug is trivial to exploit

Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View.
- Sergiu Gatlan
- February 14, 2024
- 03:08 PM
- 1
JetBrains warns of new TeamCity auth bypass vulnerability

JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges.
- Sergiu Gatlan
- February 06, 2024
- 12:30 PM
- 0
45k Jenkins servers exposed to RCE attacks using public exploits

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.
- Bill Toulas
- January 29, 2024
- 05:06 PM
- 0
Exploits released for critical Jenkins RCE flaw, patch now

Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks.
- Bill Toulas
- January 28, 2024
- 10:17 AM
- 0
Cisco warns of critical RCE flaw in communications software

Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a critical severity remote code execution security issue.
- Bill Toulas
- January 25, 2024
- 09:41 AM
- 0