Security News

Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware
2019-05-01 07:33

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like...

Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection
2019-04-26 16:12

The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings.

Researchers flag new Oracle WebLogic zero-day RCE flaw
2019-04-25 13:25

Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat components trigger...

Magento Patches Critical SQL Injection and RCE Vulnerabilities
2019-03-29 16:26

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Researcher Says NSA’s Ghidra Tool Can Be Used for RCE
2019-03-19 15:26

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

Don't be a WordPress RCE-hole and patch up this XSS vuln, pronto
2019-03-14 18:02

Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or...

Google Patches Critical Bluetooth RCE Bug
2019-03-11 19:14

In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.

Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software
2019-03-06 07:18

Patches released by Rockwell Automation for its RSLinx Classic software address a critical vulnerability that can be exploited for denial-of-service (DoS) attacks and possibly for remote code...

Friendly reminder to Drupal admins: Secure your sh!t before latest RCE-holes get you
2019-02-27 18:21

Last week's disclosures are now this week's live attacks Just days after a remote code execution flaw in open-source web publishing software Drupal was made public, researchers have already...

Hackers Actively Exploiting Latest Drupal RCE Flaw Published This Week
2019-02-26 12:48

Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied...