Latest RCE news

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.
- Sergiu Gatlan
- December 11, 2023
- 05:46 PM
- 2
Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years.
- Bill Toulas
- December 10, 2023
- 10:35 AM
- 1
WordPress fixes POP chain exposing websites to RCE attacks

WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.
- Bill Toulas
- December 07, 2023
- 03:10 PM
- 0
Atlassian patches critical RCE flaws across multiple products

Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.
- Bill Toulas
- December 06, 2023
- 10:49 AM
- 0
December Android updates fix critical zero-click RCE flaw

Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution (RCE) bug.
- Sergiu Gatlan
- December 04, 2023
- 02:37 PM
- 0
New botnet malware exploits two zero-days to infect NVRs and routers

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
- Bill Toulas
- November 22, 2023
- 12:39 PM
- 0
New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution.
- Sergiu Gatlan
- November 14, 2023
- 03:34 PM
- 2
CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution (RCE) attacks as part of a pre-auth exploit chain.
- Sergiu Gatlan
- November 13, 2023
- 12:23 PM
- 0
Veeam warns of critical bugs in Veeam ONE monitoring platform

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical.
- Sergiu Gatlan
- November 06, 2023
- 04:58 PM
- 0
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks

Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day.
- Sergiu Gatlan
- November 06, 2023
- 10:34 AM
- 0
New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
- Bill Toulas
- November 03, 2023
- 11:14 AM
- 3
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
- Bill Toulas
- November 02, 2023
- 12:21 PM
- 0
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
- Bill Toulas
- November 01, 2023
- 02:05 PM
- 0
F5 fixes BIG-IP auth bypass allowing remote code execution attacks

A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution.
- Bill Toulas
- October 27, 2023
- 11:11 AM
- 0
VMware fixes critical code execution flaw in vCenter Server

VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers.
- Sergiu Gatlan
- October 25, 2023
- 05:00 AM
- 0
Critical RCE flaws found in SolarWinds access audit solution

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.
- Bill Toulas
- October 20, 2023
- 10:59 AM
- 1
GNOME Linux systems exposed to RCE attacks via file downloads

A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on GNOME Linux systems.
- Sergiu Gatlan
- October 09, 2023
- 04:24 PM
- 4
Hackers hijack Citrix NetScaler login pages to steal credentials

Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials.
- Bill Toulas
- October 09, 2023
- 10:45 AM
- 0
Ransomware gangs now exploiting critical TeamCity RCE flaw

Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server.
- Sergiu Gatlan
- October 02, 2023
- 03:32 PM
- 0
Millions of Exim mail servers exposed to zero-day RCE attacks

A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.
- Sergiu Gatlan
- September 29, 2023
- 04:11 PM
- 2