Threat Post

RCE Exploit Released for IBM Data Risk Manager

Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been identified that can lead to unauthenticated remote code execution (RCE) as root in vulnerable versions, according to ...
Bleeping Computer

Hackers exploit critical VMware RCE flaw to install backdoors

Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, that affects in VMware Workspace ONE Access (formerly called VMware Identity Manager).
Dark Reading

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A proof-of-concept exploit (PoC) for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation. The vulnerability, tracked under CVE-2024-23108, was ...
ZDNet

Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020

Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) servers ...
Bleeping Computer

Zyxel fixes firewall flaws that could lead to hacked networks

Zyxel has fixed critical firewall vulnerabilities that could have allowed threat actors to gain full access to devices and the internal corporate networks they are designed to protect. The company ...