The team behind the Cobalt Strike penetration testing tool has responded to reports of a failed remote code execution (RCE) exploit patch with a new fix....
Windows servers running Microsoft Office Online Server can be exploited to achieve server-side request forgery (SSRF) and thereafter remote code execution (RCE) on the host, according...
A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most...
A critical flaw patched in the Apache Commons Text library has sparked comparisons with the ‘Log4Shell’ bug that surfaced in the near-ubiquitous open source component Log4j...
Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly...
A super-critical vulnerability in Adobe Magento could allow attackers to fully compromise e-commerce platforms, according to the security researcher who unearthed the bug. Adobe has urged...
Researchers are warning of a critical remote code execution flaw in ‘vm2’, a JavaScript sandbox library downloaded over 16 million times per month via the NPM...
A zero-day remote code execution (RCE) vulnerability in Zimbra is being actively exploited in the wild. The bug was assigned the tracker CVE-2022-41352 in late September....
Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS), a widely deployed web client and email server. The zero-day...
Public disclosure, a talk, and a blog post later, the RCE exploit remains unresolved Despite a researcher’s best efforts at disclosure, the maintainers of the WebPageTest...
Recent Comments