Browsing Tag
RCE
24 posts
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, December 12th, 2025, CyberNewsWire: In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React…
December 15, 2025
Critical ‘React2Shell’ Vulnerability (CVE-2025-55182) is Being Actively Exploited
React2Shell, a critical, max-severity flaw (CVE-2025-55182), allows unauthenticated RCE in React and Next.js. Security researchers confirm active exploitation. Update immediately!
December 6, 2025
Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover
Monsta FTP users must update now! A critical pre-authentication flaw (CVE-2025-34299) allows hackers to fully take over web servers. Patch to version 2.11.3 immediately.
November 10, 2025
Medusa Ransomware Exploiting GoAnywhere MFT Flaw, Confirms Microsoft
Latest reports suggest the critical GoAnywhere MFT vulnerability (CVE-2025-10035, CVSS 10.0) is actively exploited by the Medusa ransomware gang for unauthenticated RCE. Patch immediately.
October 7, 2025
15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)
A new report by VulnCheck exposes a critical command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin.…
August 8, 2025
SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed
watchTowr's latest research details critical SonicWall SMA100 flaws (CVE-2025-40596, 40597, 40598). Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now!
July 30, 2025
Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how…
May 3, 2025
Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed…
April 17, 2025
BentoML Vulnerability Allows Remote Code Execution on AI Servers
TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code without…
April 11, 2025
Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers
A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in…
January 15, 2025