CSO Online

10.0-severity RCE flaw puts 60,000 Redis instances at risk

The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary ...
Computer Weekly

Commvault users told to patch two RCE exploit chains

Data backup and replication specialist Commvault has issued patches covering off four vulnerabilities in its core software product that, left unaddressed, could be combined to achieve two distinct ...
SDxCentral

Cisco reveals critical firewall exploit

Cisco users are urgently advised to update their firewall command center in light of a remote code execution (RCE) vulnerability. According to a "critical"-level alert issued last week, Cisco’s Secure ...
The Hacker News

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution

A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question ...
SecurityWeek

New Exploit Poses Threat to SAP NetWeaver Instances

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. Dozens of SAP NetWeaver instances are susceptible to compromise after a threat ...
Bleeping Computer

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...
Computer Weekly

Patch ToolShell SharePoint zero-day immediately, says Microsoft

Organisations running on-premise instances of Microsoft’s SharePoint collaboration and document management platform should update without delay after multiple reports of an as-yet unidentified party ...
HotHardware

A Microsoft SharePoint 0-Day Security Vulnerability Was Just Weaponized At Scale

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday this week. There's a full remote code vulnerability (RCE) exploit for ...
The Washington Post

Global hack on Microsoft product hits U.S., state agencies, researchers say

Unknown attackers exploited a “significant vulnerability” in Microsoft’s SharePoint collaboration software, hitting targets around the world. Hackers exploited a major security flaw in widely used ...
Bleeping Computer

New Fortinet FortiWeb hacks likely linked to public RCE exploits

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as ...
TweakTown

Activision remove Call of Duty: WWII from Xbox Store after PC players were being hacked

TL;DR: Call of Duty: WWII PC players reported a Remote Command Execution (RCE) exploit allowing hackers to control their PCs mid-game, leading to malware risks. Following increased attacks after its ...