Bleeping Computer

Actively exploited Apache 0-day also allows remote code execution

Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...
CSOonline

Microsoft demonstrates remote code execution exploit against PLCs that support CODESYS

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...
Bleeping Computer

Over 12,000 KerioControl firewalls exposed to exploited RCE flaw

Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. KerioControl is a network security suite that small ...
ZDNet

Sophos patches critical remote code execution vulnerability in Firewall

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line. Sophos Firewall is an enterprise cybersecurity solution that can adapt to different networks and ...
Infosecurity-magazine.com

Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution

A critical vulnerability (CVSS4.0 9.3) in WatchGuard Fireware OS has been identified that could allow a threat actor to remotely execute arbitrary code. The bug, tracked as CVE-2025-9242, is an out-of ...
CSOonline

Atlassian’s Confluence hit with critical remote code execution bugs

Atlassian Confluence Data Center and Server has been hit with a critical remote code execution bug, allowing authenticated threat actors to exploit account privileges and execute arbitrary codes. The ...