A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line. Sophos Firewall is an enterprise cybersecurity solution that can adapt to different networks and ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...