#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

remote code execution | Breaking Cybersecurity News | The Hacker News

Category — remote code execution
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

Jul 09, 2025 Endpoint Security / Vulnerability
For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities , along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, and its Chromium-based Edge browser. Of these, 10 are rated Critical and the remaining are all rated Important in severity. "The 11-month streak of patching at least one zero-day that was exploited in the wild ended this month," Satnam Narang, Senior Staff Research Engineer at Tenable, said. Fifty-three of these shortcomings are classified as privilege escalation bugs followed by 42 as remote code execution, 17 as information disclosure, and 8 as security feature bypasses. These patches are in addition to two other flaws addressed by the company in the Edge browser since the release of last month's Patch Tuesday update . The vulnerability ...
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

Jul 08, 2025 Cyber Attacks / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows - CVE-2014-3931 (CVSS score: 9.8) - A buffer overflow vulnerability in Multi-Router Looking Glass (MRLG) that could allow remote attackers to cause an arbitrary memory write and memory corruption CVE-2016-10033 (CVSS score: 9.8) - A command injection vulnerability in PHPMailer that could allow an attacker to execute arbitrary code within the context of the application or result in a denial-of-service (DoS) condition CVE-2019-5418 (CVSS score: 7.5) - A path traversal vulnerability in Ruby on Rails' Action View that could cause contents of arbitrary files on the target system's file system to be exposed CVE-2019-9621 (CVSS score: 7.5) - A Server-Side Request Forgery (SSRF) vulnerability in the Zimbra Collaboration Suite that could ...
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

Jul 05, 2025 Vulnerability / Botnet
Threat actors are weaponizing exposed Java Debug Wire Protocol ( JDWP ) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. "The attacker used a modified version of XMRig with a hard-"coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders," Wiz researchers Yaara Shriki and Gili Tikochinski said in a report published this week. "The payload used mining pool proxies to hide their cryptocurrency wallet address, thereby preventing investigators from pivoting on it." The cloud security firm, which is being acquired by Google Cloud, said it observed the activity against its honeypot servers running TeamCity, a popular continuous integration and continuous delivery (CI/CD) tool. JDWP is a communication protocol used in Java for debugging purposes. With JDWP, users can leverage a debugger to work in a different process, a Java application, on the same com...
cyber security

10 Best Practices for Building a Resilient, Always-On Compliance Program

websiteXM CyberCyber Resilience / Compliance
Download XM Cyber's handbook to learn 10 essential best practices for creating a robust, always-on compliance program.
cyber security

Maximize the Security Tools You Already Have

websitePrelude SecuritySecurity Control Validation
Hone your EDR, identity, vuln, and email platforms against the threats that matter with a 14-day trial.
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits

Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits

Jul 01, 2025 Vulnerability / AI Security
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol ( MCP ) Inspector project that could result in remote code execution (RCE) and allow an attacker to gain complete access to the hosts. The vulnerability, tracked as CVE-2025-49596 , carries a CVSS score of 9.4 out of a maximum of 10.0. "This is one of the first critical RCEs in Anthropic's MCP ecosystem, exposing a new class of browser-based attacks against AI developer tools," Oligo Security's Avi Lumelsky said in a report published last week. "With code execution on a developer's machine, attackers can steal data, install backdoors, and move laterally across networks - highlighting serious risks for AI teams, open-source projects, and enterprise adopters relying on MCP." MCP, introduced by Anthropic in November 2024, is an open protocol that standardizes the way large language model (LLM) appli...
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Jun 26, 2025 Vulnerability, Network Security
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is below - CVE-2025-20281 - An unauthenticated remote code execution vulnerability affecting Cisco ISE and ISE-PIC releases 3.3 and later that could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root CVE-2025-20282 - An unauthenticated remote code execution vulnerability affecting Cisco ISE and ISE-PIC release 3.4 that could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and execute those files on the underlying operating system as root Cisco said CVE-2025-20281 is the result of insuffici...
Expert Insights Articles Videos
Cybersecurity Resources