rce
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. Also known as the Captive Portal, the User-ID Authentication Portal is a PAN-OS security feature that authenticates users whose identities cannot be automatically mapped by the firewall. Tracked as CVE-2026-0300, this zero-day bug stems from […]
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers’ servers. Exploitation started in early February, before the security issues were disclosed publicly at the end of the month, according to researchers at cloud-native application security company Snyk. Qinglong is a self-hosted open-source time management platform […]
GitHub fixes RCE flaw that gave access to millions of private repos
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories. The flaw was reported on March 4, 2026, by researchers at cybersecurity firm Wiz through GitHub’s bug bounty program. GitHub Chief Information Security Officer Alexis Wales said the company’s security team reproduced and confirmed the vulnerability […]
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. The security issue is tracked as CVE-2026-3844 and has been leveraged in more than 170 exploitation attempts by the Wordfence security solution for the WordPress ecosystem. The Breeze Cache WordPress caching […]
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. Apache ActiveMQ is the most popular open-source multi-protocol message broker for asynchronous communication between Java applications. Tracked as CVE-2026-34197, the vulnerability was discovered by Horizon3 researcher Naveen Sunkavally using the Claude AI assistant after remaining […]
Critical flaw in Protobuf library enables JavaScript code execution
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google’s Protocol Buffers. The tool is highly popular in the Node Package Manager (npm) registry, with an average of nearly 50 million weekly downloads. It is used for inter-service communication, in real-time applications, and for […]
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that a high-severity Apache ActiveMQ vulnerability patched earlier this month is now actively exploited in attacks. Apache ActiveMQ is the most popular open-source Java-based message broker for asynchronous communication between applications. Tracked as CVE-2026-34197, the security flaw has gone undetected for 13 years and was discovered by Horizon3 […]
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code execution flaw (CVE-2026-39987) started last week for credential theft, less than 10 hours after technical details were disclosed publicly, according to data from cloud-security company Sysdig. Sysdig researchers continued […]
Adobe rolls out emergency fix for Acrobat Reader zero-day flaw
Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December. The flaw allows malicious PDF files to bypass sandbox restrictions and invoke privileged JavaScript APIs, potentially leading to arbitrary code execution. The exploit observed in attacks enables reading and stealing arbitrary files. No user […]
Critical Marimo pre-auth RCE flaw now under active exploitation
Hackers started exploiting a critical vulnerability in the Marimo open-source reactive Python notebook platform just 10 hours after its public disclosure. The flaw allows remote code execution without authentication in Marimo versions 0.20.4 and earlier. It tracked as CVE-2026-39987 and GitHub assessed it with a critical score of 9.3 out of 10. According to researchers at cloud-security […]