Bleeping Computer

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, ...

GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
Dark Reading

Patch Now: Critical Fortinet RCE Bug Under Active Attack

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...
TweakTown

Call of Duty: WWII taken offline after RCE vulnerability let hackers take over PCs

TL;DR: Activision Blizzard has taken Call of Duty: WWII on PC offline from the Xbox App due to a critical remote code execution vulnerability. This security flaw allows hackers to hijack PCs, causing ...
Neowin

Unity discloses severe RCE vulnerability, urges developers to apply patches

Unity has disclosed a particularly severe vulnerability affecting all games going back to 2017. Malicious actors can utilize this security issue to gain access to data on your machine. Unity is a ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.
CSOonline

Hackers exploit unpatched Erlang/OTP to crack OT firewalls

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...
Wisconsin Rapids Daily Tribune

Critical n8n Security Update: Public RCE Vulnerability PoC Now Available

SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI workflow platform is widely used by enterprises. CVE-2026-25049 shows why deep, ...
Infosecurity-magazine.com

SolarWinds Web Help Desk Vulnerability Actively Exploited

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...
CRN

CISA Urges Patching For ‘Critical’ Ivanti Vulnerability

The cybersecurity agency encouraged organizations to address the remote code execution (RCE) vulnerability in Ivanti Standalone Sentry. CISA Thursday encouraged patching to address a critical-severity ...
Android

Google Cloud Platform vulnerability discovered, prompting security update

A recent discovery of a remote code execution (RCE) vulnerability in Google Cloud Platform (GCP) has raised new concerns about cloud security. Known as “CloudImposer,” the vulnerability was revealed ...