Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without ...
SecurityWeek

Critical FreeScout Vulnerability Leads to Full Server Compromise

A critical-severity FreeScout vulnerability can be exploited for remote code execution without authentication or user ...
Bleeping Computer

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks

Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code ...

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have ...
Network World

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...
HotHardware

Microsoft Windows Server Update Service Is Under Attack, What You Need To Know

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
CSOonline

Gladinet servers file-sharing servers allow remote code execution

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...
TechCrunch

CISA issues warning about another Ivanti flaw under active attack

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...
Hosted on MSN

Millions of Apple AirPlay devices susceptible to 'AirBorne' zero-click RCE attacks, so patch now

Security researchers found dozens of flaws in Apple's AirPlay protocol Some of them allowed remote code execution attacks Apple has released patches addressing the flaws Apple’s AirPlay Protocol and ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
Dark Reading

Billions of Android Devices Open to 'Dirty Stream' Attack

Researchers from Microsoft recently discovered many Android applications — including at least four with more than 500 million installations each — to be vulnerable to remote-code execution attacks, ...
IT-Online

Critical Claude code flaws exposed

Check Point Research’s recent identification of critical vulnerabilities in Anthropic’s Claude Code is a cause for concern, particularly for African organisations. This is the word from Hendrik de ...