rce
CISA orders feds to patch Windows Server WSUS flaw used in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog of security flaws exploited in attacks. Tracked as CVE-2025-59287, this actively exploited, potentially wormable remote code execution (RCE) vulnerability affects Windows servers with the WSUS Server role (a feature […]
Critical WSUS flaw in Windows Server now exploited in attacks
Attackers are now exploiting a critical-severity Windows Server Update Service (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code. Tracked as CVE-2025-59287, this remote code execution (RCE) flaw affects only Windows servers with the WSUS Server role enabled to act as an update source for other WSUS servers within the organization (a feature that isn’t […]
Windows Server emergency patches fix WSUS bug with PoC exploit
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is a Microsoft product that enables IT administrators to manage and deliver Windows updates to computers within their network. Tracked as CVE-2025-59287, this remote code execution (RCE) security flaw affects only Windows […]
TARmageddon flaw in abandoned Rust library enables RCE attacks
A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. Tracked as CVE-2025-62518, this logic flaw results from a desynchronization issue that allows unauthenticated attackers to inject additional archive entries during TAR file extraction. This occurs specifically when processing nested TAR […]
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. The security flaw affects on-premise SharePoint servers and was disclosed as an actively exploited zero-day on July 20, after multiple hacking groups tied to China leveraged it in widespread […]
DrayTek warns of remote code execution bug in Vigor routers
Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code. The flaw, tracked identified as CVE-2025-10547, was reported to the vendor on July 22 by ChapsVision security researcher Pierre-Yves Maes. “The vulnerability can be triggered when unauthenticated remote attackers send […]
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. The flaws, tracked as CVE-2025-20333 and CVE-2025-20362, enable arbitrary code execution and access to restricted URL endpoints associated with VPN access. Both security issues can be exploited remotely […]
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT that allows injecting commands remotely without authentication. The vendor disclosed the flaw on September 18, buit the company had learned about it a week earlier, and did not share any details on how it was discovered or if it was being exploited. CVE-2025-10035 […]
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. The security bug (tracked as CVE-2024-36401) is a critical remote code execution (RCE) vulnerability patched on June 18, 2024. CISA added the flaw to its catalog of actively exploited vulnerabilities roughly […]
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. Tracked as CVE-2025-26399, the security issue is the company’s third attempt to address an older flaw identified as CVE-2024-28986 that impacted Web Help Desk (WHD) 12.8.3 and all previous versions. SolarWinds WHD is a help […]