Latest RCE news

TellYouThePass ransomware joins Apache ActiveMQ RCE attacks

Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day.
- Sergiu Gatlan
- November 06, 2023
- 10:34 AM
- 0
New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
- Bill Toulas
- November 03, 2023
- 11:14 AM
- 3
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
- Bill Toulas
- November 02, 2023
- 12:21 PM
- 0
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
- Bill Toulas
- November 01, 2023
- 02:05 PM
- 0
F5 fixes BIG-IP auth bypass allowing remote code execution attacks

A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution.
- Bill Toulas
- October 27, 2023
- 11:11 AM
- 0
VMware fixes critical code execution flaw in vCenter Server

VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers.
- Sergiu Gatlan
- October 25, 2023
- 05:00 AM
- 0
Critical RCE flaws found in SolarWinds access audit solution

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.
- Bill Toulas
- October 20, 2023
- 10:59 AM
- 1
GNOME Linux systems exposed to RCE attacks via file downloads

A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on GNOME Linux systems.
- Sergiu Gatlan
- October 09, 2023
- 04:24 PM
- 4
Hackers hijack Citrix NetScaler login pages to steal credentials

Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials.
- Bill Toulas
- October 09, 2023
- 10:45 AM
- 0
Ransomware gangs now exploiting critical TeamCity RCE flaw

Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server.
- Sergiu Gatlan
- October 02, 2023
- 03:32 PM
- 0
Millions of Exim mail servers exposed to zero-day RCE attacks

A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.
- Sergiu Gatlan
- September 29, 2023
- 04:11 PM
- 2
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw

An estimated 12,000 Juniper SRX firewalls and EX switches are vulnerable to a fileless remote code execution flaw that attackers can exploit without authentication.
- Bill Toulas
- September 18, 2023
- 03:40 PM
- 0
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit

Security researcher Gabe Kirkpatrick has made a proof-of-concept (PoC) exploit available for CVE-2023-38146, aka "ThemeBleed," which enables attackers to trigger arbitrary remote code execution if the target opens a specially crafted '.theme' file.
- Bill Toulas
- September 14, 2023
- 11:55 AM
- 0
ASUS routers vulnerable to critical remote code execution flaws

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed.
- Bill Toulas
- September 05, 2023
- 10:58 AM
- 3
Hackers exploit critical Juniper RCE bug chain after PoC release

Hackers have started using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface.
- Sergiu Gatlan
- August 29, 2023
- 10:51 AM
- 0
Exploit released for Juniper firewall bugs allowing RCE attacks

Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices.
- Sergiu Gatlan
- August 28, 2023
- 10:46 AM
- 0
WinRAR flaw lets hackers run programs when you open RAR archives

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.
- Bill Toulas
- August 18, 2023
- 01:20 PM
- 3
Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range of mobile devices.
- Bill Toulas
- August 15, 2023
- 06:05 PM
- 0
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

Millions of PLC (programmable logic controllers) used in industrial environments worldwide are at risk to 15 vulnerabilities in the CODESYS V3 software development kit, allowing remote code execution (RCE) and denial of service (DoS) attacks.
- Bill Toulas
- August 11, 2023
- 10:33 AM
- 0
New PaperCut critical bug exposes unpatched servers to RCE attacks

PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers.
- Sergiu Gatlan
- August 04, 2023
- 04:23 PM
- 1