Hosted on MSN

Alleged 7-Zip arbitrary code execution exploit leaked to Twitter — the 7-Zip author claims this exploit not only isn't real but was generated by AI

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss it as ...
Hackaday

arbitrary code execution

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances like refrigerators are ...
Threat Post

Critical Magento Flaws Allow Code Execution

Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform. Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by ...
Infosecurity Magazine

Critical WatchGuard Fireware OS Flaw Enables Remote Code Execution

A critical out-of-bounds write flaw (CVE-2025-9242) in WatchGuard Fireware OS could allow remote code execution ...
The Hacker News

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

High-severity TARmageddon flaw (CVE-2025-62518) in Rust’s async-tar libraries enables RCE via header parsing bug.
ZDNet

Cisco discloses arbitrary execution in SD-WAN Solution and Webex

Cisco has disclosed a critical vulnerability in its SD-WAN Solution that allows for arbitrary code execution as the root user. Improper bounds checking by the vContainer allowed for potential ...
The Hacker News

Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices

The vulnerability, per security researcher McCaulay Hudson, is rooted in the function "ike2_ProcessPayload_CERT" present in ...
Threat Post

Lexmark Printers Open to Arbitrary Code-Execution Zero-Day

“No remedy available as of June 21, 2021,” according to the researcher who discovered the easy-to-exploit, no-user-action-required bug. Lexmark printers – those ubiquitous, inky office workhorses that ...
SecurityWeek

Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date

Apple announced significant updates to its bug bounty program and the company is now offering up to $2 million for complex exploit chains.
Bleeping Computer

Git Project Patches Remote Code Execution Vulnerability in Git

The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute ...
Hackaday

Remote Code Execution On An Oscilloscope

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances like refrigerators are ...
CSOonline

Researchers uncover RCE attack chains in popular enterprise credential vaults

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...