Bleeping Computer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...
Dark Reading

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...
来自MSN

Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist

In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is attracting criticism from researchers for the way it handles uncontrolled ...
CSOonline

Tomcat PUT to active abuse as Apache deals with critical RCE flaw

Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attacks through a critical RCE flaw the company disclosed last week. According to API ...
Dark Reading

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

Three security vulnerabilities affecting VMware's vRealize Log Insight platform now have public exploit code circulating, offering a map for cybercriminals to follow to weaponize them. These include ...
CSOonline

Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a ...