Another round of critical Web Help Desk flaws highlights how SolarWinds’ legacy code and past breaches continue to haunt IT ...

CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. The flaw (CVE-2024-21762) is due to an out-of-bounds write ...

Veeam is warning its customers of two vulnerabilities, of which one is a critical RCE bug, affecting the Service Provider Console (VSPC), a web-based management platform for managed service providers ...

A proof-of-concept exploit (PoC) for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation. The vulnerability, tracked under CVE-2024-23108, was ...

In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is attracting criticism from researchers for the way it handles uncontrolled ...

Microsoft fixed 60 vulnerabilities in this month’s Patch Tuesday security update round, including just two critical bugs. These both affect Windows Hyper-V. CVE-2024-21407 enables attackers to escape ...

A Chinese threat actor is once again exploiting Ivanti remote access devices at large. It all started last January, when two serious vulnerabilities were discovered in Ivanti's Connect Secure (ICS) ...

IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform. CVE-2024-28986 is a Java deserialization remote code ...

On Monday, Italian programmer Simone Margaritelli, who goes by the handle @evilsocket, claimed that there was an unauthenticated Remote Code Execution (RCE) with a Common Vulnerability Scoring System ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...