Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet's CentreStack and Triofox products for secure remote file access and ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
SDxCentral

Cisco reveals critical firewall exploit

Cisco users are urgently advised to update their firewall command center in light of a remote code execution (RCE) vulnerability. According to a "critical"-level alert issued last week, Cisco’s Secure ...
TweakTown

Activision remove Call of Duty: WWII from Xbox Store after PC players were being hacked

TL;DR: Call of Duty: WWII PC players reported a Remote Command Execution (RCE) exploit allowing hackers to control their PCs mid-game, leading to malware risks. Following increased attacks after its ...
Dark Reading

Threat Actors Exploit a Critical Ivanti RCE Bug, Again

A Chinese threat actor is once again exploiting Ivanti remote access devices at large. It all started last January, when two serious vulnerabilities were discovered in Ivanti's Connect Secure (ICS) ...
CSOonline

Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits

While unpatched instances were reduced to half within a month, a huge number of them remain vulnerable even as attackers exploit the flaw in the wild for critical RCE attacks. Businesses around the ...
Hosted on MSN

This Call of Duty game just hit Xbox Game Pass, but it's infested with RCE hackers — I'd take cover and avoid playing until there's a fix

In the wake of Microsoft's acquisition of Activision Blizzard that closed in late 2023, the Xbox and Windows maker has been slowly bringing the Call of Duty games — some of the best-selling titles in ...
CSOonline

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

LDAPNightmare: If December Patch Tuesday server updates have not yet been installed, it’s time to do so to avoid DoS or RCE attacks on Active Directory domain controllers as shown by PoC exploit.
Bleeping Computer

Exploit details for max severity Cisco IOS XE flaw now public

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. The ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...
TweakTown

Notepad messages and porn videos - Call of Duty players issue serious hacking warning

TL;DR: Call of Duty: WW2's player count surged after joining Xbox Game Pass, but reports of hackers exploiting Remote Command Execution (RCE) vulnerabilities have increased sharply. These exploits ...