RCE

Axios Supply Chain Attack Delivers Cross-Platform RAT Through Compromised npm Account

A major supply chain security incident has impacted Axios, one of the most widely used HTTP clients in the JavaScript ecosystem. Attackers successfully introduced malicious code into the npm package by compromising a maintainer account, enabling the distribution of a cross-platform remote access trojan (RAT). Compromised npm Account Used to Publish Malicious Versions: Security researchers revealed […]

Russian CTRL Toolkit Uses Malicious LNK Files to Hijack RDP Through FRP Tunnels

Cybersecurity researchers have uncovered a sophisticated Russian-origin remote access toolkit called CTRL, which is distributed through malicious Windows shortcut (LNK) files disguised as private key folders. The toolkit enables credential theft, keylogging, and RDP session hijacking, while using Fast Reverse Proxy (FRP) tunnels to maintain stealthy command and control (C2). Multi-Stage Deployment According to Censys: Censys, the

Oracle Fixes Critical CVE-2026-21992 Allowing Unauthenticated Remote Code Execution in Identity Manager

Oracle Corporation has released urgent security updates to address a severe vulnerability affecting Oracle Identity Manager and Oracle Web Services Manager. The flaw, tracked as CVE-2026-21992, allows unauthenticated attackers to execute arbitrary code remotely, making it a high-risk security issue. Severity and Impact: This vulnerability has been assigned a CVSS score of 9.8 out of

Critical Unpatched Telnetd Vulnerability CVE-2026-32746 Allows Unauthenticated Root RCE

Cybersecurity experts have revealed a serious security weakness affecting the Telnet service implementation in GNU InetUtils. The vulnerability could allow a remote attacker to execute malicious code on vulnerable systems without authentication. The issue has been assigned the identifier CVE-2026-32746 and has received a CVSS severity score of 9.8, indicating a critical level of risk.

Security Flaws in Amazon Bedrock, LangSmith, and SGLang Could Allow Data Exfiltration and Remote Code Execution

Cybersecurity researchers have uncovered multiple security weaknesses in several artificial intelligence platforms that could allow attackers to steal sensitive data or execute malicious commands. The issues affect services associated with Amazon, LangSmith, and SGLang. According to recent research, attackers can exploit these weaknesses to extract confidential information, hijack accounts, and potentially gain remote code execution

CISA Warns of Actively Exploited n8n RCE Vulnerability as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the n8n workflow automation platform to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is currently being exploited in real-world attacks. The vulnerability, tracked as CVE-2025-68613 with a CVSS score of 9.9, allows attackers to execute remote code

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have revealed details about multiple serious vulnerabilities in the n8n workflow automation platform, including two critical flaws that could allow attackers to execute arbitrary commands on affected systems. The vulnerabilities have already been patched, but security experts warn that systems running older versions may remain vulnerable. Key Vulnerabilities Identified: Researchers identified two major security

Claude Code Vulnerabilities Enable Remote Code Execution and API Key Theft

Cybersecurity researchers have revealed several critical security flaws in Anthropic’s Claude Code, an AI-driven coding assistant, which could allow attackers to execute remote code and steal API credentials. Check Point researchers Aviv Donenfeld and Oded Vanunu reported, “These vulnerabilities exploit multiple configuration points, including Hooks, Model Context Protocol (MCP) servers, and environment variables. Attackers can

SolarWinds Fixes Four Critical Serv-U 15.5 Vulnerabilities Enabling Root Code Execution

SolarWinds has issued urgent security updates to resolve four critical vulnerabilities in its Serv-U file transfer platform. If exploited, these flaws could allow attackers to execute arbitrary code with root-level privileges, creating severe security exposure for affected systems. All four vulnerabilities carry a CVSS score of 9.1, placing them in the critical severity category.

BeyondTrust Vulnerability Exploited to Deploy Web Shells, Backdoors, and Steal Data

A critical security flaw affecting BeyondTrust Remote Support and BeyondTrust Privileged Remote Access products is being actively exploited by threat actors to deploy web shells, backdoors, malware, and exfiltrate sensitive data. The vulnerability, tracked as CVE-2026-1731, carries a CVSS score of 9.9. Nature of the Vulnerability: The flaw stems from a sanitization failure in the “thin-scc-wrapper” script, accessible via
