Tag: RCE

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE
ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE

In today’s fast-evolving ransomware landscape, threat actors are accelerating their tactics to gain access and deploy payloads with alarming speed. Increasingly, attackers are leveraging known vulnerabilities as entry points, as seen in a recent attack where adversaries exploited CVE-2023-22527, a maximum-severity template injection flaw in Atlassian Confluence, to compromise an internet-exposed system. Just 62 hours […]

Read More
CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE 
CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE 

Following the disclosure of CVE-2025-31324, an unauthenticated file upload vulnerability in SAP NetWeaver enabling RCE, two more security flaws have surfaced in Ivanti Endpoint Manager Mobile (EPMM) software. Identified as CVE-2025-4427 and CVE-2025-4428, these vulnerabilities can be chained together to achieve RCE on vulnerable devices without requiring authentication. Detect CVE-2025-4427 and CVE-2025-4428 Exploit Chain With […]

Read More
Detect CVE-2025-31324 Exploitation by Chinese APT Groups Targeting Critical Infrastructure
Detect CVE-2025-31324 Exploitation by Chinese APT Groups Targeting Critical Infrastructure

A newly revealed SAP NetWeaver critical vulnerability, an unauthenticated file upload flaw that allows RCE and tracked as CVE-2025-31324, is being actively exploited by several China-linked nation-state groups to attack critical infrastructure systems. Defenders attribute the observed intrusions to Chinese cyber-espionage groups, which are likely linked to China’s Ministry of State Security (MSS) or its […]

Read More
CVE-2025-34028 Detection: A Maximum-Severity Vulnerability in the Commvault Command Center Enables RCE
CVE-2025-34028 Detection: A Maximum-Severity Vulnerability in the Commvault Command Center Enables RCE

Following the CVE-2025-30406 disclosure, an RCE flaw in the widely used Gladinet CentreStack and Triofox platforms, another highly critical vulnerability that could also allow remote execution of arbitrary code without authentication, is coming to the scene. The flaw, tracked as CVE-2025-34028, has been recently uncovered in the Command Center installation, which could lead to a […]

Read More
CVE-2025-30406 Detection: Critical RCE Vulnerability in Gladinet CentreStack & Triofox Under Active Exploitation
CVE-2025-30406 Detection: Critical RCE Vulnerability in Gladinet CentreStack & Triofox Under Active Exploitation

A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least seven organizations have reportedly been compromised through this flaw, tracked as  CVE-2025-30406. The root cause? A hard-coded cryptographic key that leaves internet-facing servers dangerously exposed to […]

Read More
CVE-2025-1449: Rockwell Automation Verve Asset Manager Vulnerability Enables Adversaries to Gain Access to Run Arbitrary Commands
CVE-2025-1449: Rockwell Automation Verve Asset Manager Vulnerability Enables Adversaries to Gain Access to Run Arbitrary Commands

Hard on the heels of the disclosure of CVE-2025-24813, a RCE flaw in Apache Tomcat actively leveraged in the wild shortly after the release of its PoC, another vulnerability identified as CVE-2025-1449 that can be exploited remotely comes into the spotlight. Once weaponized,  CVE-2025-1449 gives admin-level threat actors the green light to run arbitrary commands. […]

Read More
CVE-2025–27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation Can Lead to Full System Compromise 
CVE-2025–27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation Can Lead to Full System Compromise 

A novel max-severity RCE vulnerability (CVE-2025-27364) in MITRE Caldera poses a serious risk of system compromise. The flaw can also be chained with another Parallels Desktop security issue, CVE-2024-34331, to double the risks of threats. If exploited, these security issues could provide hackers with full system control, causing unauthorized access, data breaches, and further lateral […]

Read More
CVE-2023-22527 Detection: Maximum Severity RCE Vulnerability in Atlassian’s Confluence Server and Data Center Exploited in the Wild
CVE-2023-22527 Detection: Maximum Severity RCE Vulnerability in Atlassian’s Confluence Server and Data Center Exploited in the Wild

Adversaries carry out high-profile in-the-wild attacks by weaponizing RCE vulnerabilities impacting Atlassian Confluence servers. A newly uncovered RCE vulnerability in the Confluence Data Center and Confluence Server has been observed under active exploitation just a few days after its discovery. The critical flaw tracked as CVE-2023-22527 with the highest possible CVSS score of 10.0 affects […]

Read More