rce
Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks
A critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code is now being abused in attacks. According to security researcher Zach Hanley at penetration testing company Horizon3.ai, who reported the vulnerability (CVE-2025-64155), it is a combination of two issues that allow arbitrary writes with admin permissions and privilege escalation to root access. “An improper […]
Cisco finally fixes AsyncOS zero-day exploited since November
Cisco has finally patched a maximum-severity Cisco AsyncOS zero-day exploited in attacks against Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances since November 2025. As Cisco explained in December, when it disclosed the vulnerability (CVE-2025-20393), it affects only Cisco SEG and Cisco SEWM appliances with non-standard configurations when the Spam Quarantine […]
CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks. Designed as an alternative to GitLab or GitHub Enterprise and written in Go, Gogs is often exposed online for remote collaboration. Tracked as CVE-2025-8110, this remote code execution (RCE) […]
Max severity Ni8mare flaw impacts nearly 60,000 n8n instances
Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed “Ni8mare.” n8n is an open-source workflow automation platform that allows users to connect different applications and services via pre-built connectors and a visual, node-based interface to automate repetitive tasks without writing code. The automation platform is widely used in AI development to automate […]
Trend Micro warns of critical Apex Central RCE vulnerability
Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. Apex Central is a web-based management console that helps admins manage multiple Trend Micro products and services (including antivirus, content security, and threat detection) and deploy components like antivirus […]
Max severity Ni8mare flaw lets hackers hijack n8n servers
A maximum severity vulnerability dubbed “Ni8mare” allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform. The security issue is identified as CVE-2026-21858 and has a 10 out of 10 severity score. According to researchers at data security company Cyera, there are more than 100,000 vulnerable n8n servers. n8n is an open-source […]
New Veeam vulnerabilities expose backup servers to RCE attacks
Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. Tracked as CVE-2025-59470, this RCE security flaw affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. “This vulnerability allows a Backup or Tape Operator to perform remote code execution […]
New D-Link flaw in legacy DSL routers actively exploited in attacks
Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago. The vulnerability is now tracked as CVE-2026-0625 and affects the dnscfg.cgi endpoint due to improper input sanitization in a CGI library. An unauthenticated attacker could leverage this to execute remote commands via DNS configuration parameters. Vulnerability intelligence company […]
RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July 2025, RondoDox is a large-scale botnet that targets multiple n-day flaws in global attacks. In November, VulnCheck spotted new RondoDox variants that featured exploits for CVE-2025-24893, a critical remote code execution (RCE) vulnerability in […]
MongoDB warns admins to patch severe RCE flaw immediately
MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code execution (RCE) attacks targeting vulnerable servers. Tracked as CVE-2025-14847, this security flaw affects multiple MongoDB and MongoDB Server versions and can be exploited by unauthenticated threat actors in low-complexity attacks that don’t require user interaction. CVE-2025-14847 is due […]