rce
CISA orders feds to patch n8n RCE flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability. n8n is an open-source workflow automation platform widely used in AI development for automating data ingestion, with over 50,000 weekly downloads on the npm registry and over 100 million pulls on Docker […]
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. The flaw is tracked as CVE-2026-28289 and bypasses a fix for another remote code execution (RCE) security issue (CVE-2026-27636) that could be exploited by authenticated users with upload permissions. Researchers at OX Security, a company that […]
Cisco warns of max severity Secure FMC flaws giving root access
Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. Secure FMC is a web or SSH-based interface for admins to manage Cisco firewalls and configure application control, intrusion prevention, URL filtering, and advanced malware protection. Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication […]
Trend Micro warns of critical Apex One code execution flaws
Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex One is an endpoint security platform that detects and responds to security threats, including malware, spyware, malicious tools, and vulnerabilities. The first critical Apex One security flaw patched this week […]
Critical Juniper Networks PTX flaw allows full router takeover
A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges. PTX Series routers are high-performance core and peering routers built for high throughput, low latency, and scale. They are commonly used by internet service providers, telecommunication […]
Zyxel warns of critical RCE flaw affecting over a dozen routers
Taiwan networking provider Zyxel has released security updates to address a critical vulnerability affecting over a dozen router models that can allow unauthenticated attackers to gain remote command execution on unpatched devices. Tracked as CVE-2025-13942, this command injection security flaw was found in the UPnP function of Zyxel 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber […]
CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. The security issue affects BeyondTrust’s Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier, and can be exploited for remote code execution. CISA added it to the Known Exploited Vulnerabilities (KEV) […]
Flaws in popular VSCode extensions expose developers to attacks
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local files and execute code remotely. The security issues impact Code Runner (CVE-2025-65715), Markdown Preview Enhanced (CVE-2025-65716), Markdown Preview Enhanced (CVE-2025-65717), and Microsoft Live Preview (no identifier assigned). Researchers at […]
CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days. BeyondTrust provides identity security services to more than 20,000 customers across over 100 countries, including government agencies and 75% of Fortune 100 companies worldwide. Tracked as CVE-2026-1731, this remote code […]
One threat actor responsible for 83% of recent Ivanti RCE attacks
Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340. The security issues have been flagged as actively exploited in zero-day attacks in Ivanti’s security advisory, where the company also announced hotfixes. Both flaws received a critical severity rating and […]