In today’s fast-evolving ransomware landscape, threat actors are accelerating their tactics to gain access and deploy payloads with alarming speed. Increasingly, attackers are leveraging known vulnerabilities as entry points, as seen in a recent attack where adversaries exploited CVE-2023-22527, a maximum-severity template injection flaw in Atlassian Confluence, to compromise an internet-exposed system. Just 62 hours […]
Following the disclosure of CVE-2025-31324, an unauthenticated file upload vulnerability in SAP NetWeaver enabling RCE, two more security flaws have surfaced in Ivanti Endpoint Manager Mobile (EPMM) software. Identified as CVE-2025-4427 and CVE-2025-4428, these vulnerabilities can be chained together to achieve RCE on vulnerable devices without requiring authentication. Detect CVE-2025-4427 and CVE-2025-4428 Exploit Chain With […]
A newly revealed SAP NetWeaver critical vulnerability, an unauthenticated file upload flaw that allows RCE and tracked as CVE-2025-31324, is being actively exploited by several China-linked nation-state groups to attack critical infrastructure systems. Defenders attribute the observed intrusions to Chinese cyber-espionage groups, which are likely linked to China’s Ministry of State Security (MSS) or its […]
Following the CVE-2025-30406 disclosure, an RCE flaw in the widely used Gladinet CentreStack and Triofox platforms, another highly critical vulnerability that could also allow remote execution of arbitrary code without authentication, is coming to the scene. The flaw, tracked as CVE-2025-34028, has been recently uncovered in the Command Center installation, which could lead to a […]
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least seven organizations have reportedly been compromised through this flaw, tracked as CVE-2025-30406. The root cause? A hard-coded cryptographic key that leaves internet-facing servers dangerously exposed to […]
Hard on the heels of the disclosure of CVE-2025-24813, a RCE flaw in Apache Tomcat actively leveraged in the wild shortly after the release of its PoC, another vulnerability identified as CVE-2025-1449 that can be exploited remotely comes into the spotlight. Once weaponized, CVE-2025-1449 gives admin-level threat actors the green light to run arbitrary commands. […]
A novel max-severity RCE vulnerability (CVE-2025-27364) in MITRE Caldera poses a serious risk of system compromise. The flaw can also be chained with another Parallels Desktop security issue, CVE-2024-34331, to double the risks of threats. If exploited, these security issues could provide hackers with full system control, causing unauthorized access, data breaches, and further lateral […]
Adversaries carry out high-profile in-the-wild attacks by weaponizing RCE vulnerabilities impacting Atlassian Confluence servers. A newly uncovered RCE vulnerability in the Confluence Data Center and Confluence Server has been observed under active exploitation just a few days after its discovery. The critical flaw tracked as CVE-2023-22527 with the highest possible CVSS score of 10.0 affects […]