The Hacker News

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.
Computer Weekly

SolarWinds warns over dangerous RCE flaw

SolarWinds is urging users of its Web Help Desk helpdesk ticketing and asset management software to ensure their instances are up-to-date after patching a newly uncovered remote code execution (RCE) ...
CSO Online

10.0-severity RCE flaw puts 60,000 Redis instances at risk

The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary ...
The Hacker News

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

"Attackers are leveraging the unauthenticated command injection in ICTBroadcast via the BROADCAST cookie to gain remote code execution," VulnCheck's Jacob Baines said in a Tuesday alert.
Bleeping Computer

CISA says hackers breached federal agency using GeoServer exploit

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. While the ...
Dark Reading

Patch Now: 'RediShell' Threatens Cloud Via Redis RCE

A 13-year-old vulnerability that affects all versions of the Redis open source data storage service can allow attackers to take full control of a host system, posing a significant threat to cloud ...
Business Insider

Trump's cartel war is pulling US warships into a Caribbean show of force. Another destroyer just showed up.

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Follow Kelsey Baker Every time Kelsey publishes a story, you’ll get an alert straight to your inbox!