Security News

Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection
2019-04-26 16:12

The wireless gateways are used in PoS, industrial IoT and distributed enterprise settings.

Researchers flag new Oracle WebLogic zero-day RCE flaw
2019-04-25 13:25

Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat components trigger...

Magento Patches Critical SQL Injection and RCE Vulnerabilities
2019-03-29 16:26

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Researcher Says NSA’s Ghidra Tool Can Be Used for RCE
2019-03-19 15:26

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

Don't be a WordPress RCE-hole and patch up this XSS vuln, pronto
2019-03-14 18:02

Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or...

Google Patches Critical Bluetooth RCE Bug
2019-03-11 19:14

In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.

Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software
2019-03-06 07:18

Patches released by Rockwell Automation for its RSLinx Classic software address a critical vulnerability that can be exploited for denial-of-service (DoS) attacks and possibly for remote code...

Friendly reminder to Drupal admins: Secure your sh!t before latest RCE-holes get you
2019-02-27 18:21

Last week's disclosures are now this week's live attacks Just days after a remote code execution flaw in open-source web publishing software Drupal was made public, researchers have already...

Hackers Actively Exploiting Latest Drupal RCE Flaw Published This Week
2019-02-26 12:48

Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied...

Drupal RCE Flaw Exploited in Attacks Days After Patch
2019-02-26 08:00

A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three...