The Hacker News

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Popular AI interface was plagued by an 8/10 bug, but a fix is now available.

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Some worrying security flaws were found in Anthropic's official Git MCP

Here's what happened next ...

CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in ...
TechJuice

The “Invisible Commands” That Let Hackers Hijack Anthropic’s Git Server

Three serious prompt injection vulnerabilities in Anthropic’s Git MCP server briefly enabled remote code execution and file ...
SecurityWeek

APT-Grade PDFSider Malware Used by Ransomware Groups

Attacks linked to APT and ransomware groups are relying on DLL sideloading for code execution instead of exploit-based ...
Security Boulevard

JFrog Researchers Uncover RCE Exploit for Existing Redis Database Vulnerability

JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a ...
TweakTown

Call of Duty: WWII taken offline after RCE vulnerability let hackers take over PCs

TL;DR: Activision Blizzard has taken Call of Duty: WWII on PC offline from the Xbox App due to a critical remote code execution vulnerability. This security flaw allows hackers to hijack PCs, causing ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...