RCE

Critical 0-Days (CVSS 10): Versa Concerto Flaws Risk Full System Compromise

2 min read

• Security

Critical 0-Days (CVSS 10): Versa Concerto Flaws Risk Full System Compromise

Do Son May 28, 2025

Three zero-day vulnerabilities have been discovered within the networks of major telecommunications companies with direct exposure to...

Read More Read more about Critical 0-Days (CVSS 10): Versa Concerto Flaws Risk Full System Compromise

MeteoBridge Vulnerable: Unauthenticated Attack Allows Root Access via CGI Script

2 min read

• Security

MeteoBridge Vulnerable: Unauthenticated Attack Allows Root Access via CGI Script

Do Son May 28, 2025

The ONEKEY Research Lab team has uncovered a critical vulnerability in the firmware of MeteoBridge—a compact device...

Read More Read more about MeteoBridge Vulnerable: Unauthenticated Attack Allows Root Access via CGI Script

CefSharp Flaws Exposed: New CefEnum Tool Reveals RCE Risks in .NET Apps

2 min read

• Security

CefSharp Flaws Exposed: New CefEnum Tool Reveals RCE Risks in .NET Apps

Do Son May 26, 2025

Developers of .NET applications who integrate the CefSharp framework to embed Chromium-based browsers into desktop software now...

Read More Read more about CefSharp Flaws Exposed: New CefEnum Tool Reveals RCE Risks in .NET Apps

Netwrix Password Secure Flaw: Authenticated RCE Puts User Systems at Risk

2 min read

• Security

Netwrix Password Secure Flaw: Authenticated RCE Puts User Systems at Risk

Do Son May 26, 2025

A critical vulnerability has been discovered in the enterprise solution Netwrix Password Secure, enabling authenticated attackers to...

Read More Read more about Netwrix Password Secure Flaw: Authenticated RCE Puts User Systems at Risk

Critical 0-Day (CVSS 9.8) in Fortinet Products Actively Exploited, PoC Available

2 min read

• Security

Critical 0-Day (CVSS 9.8) in Fortinet Products Actively Exploited, PoC Available

Do Son May 26, 2025

Experts have released an in-depth analysis of the critical zero-day vulnerability CVE-2025-32756, which affects multiple Fortinet products....

Read More Read more about Critical 0-Day (CVSS 9.8) in Fortinet Products Actively Exploited, PoC Available

Cityworks Under Attack: 0-Day Used by Chinese APT for RCE and Persistence

2 min read

• Security

Cityworks Under Attack: 0-Day Used by Chinese APT for RCE and Persistence

Do Son May 24, 2025

A Chinese cybercriminal group identified as UAT-6382 has been observed exploiting a vulnerability in Trimble Cityworks software...

Read More Read more about Cityworks Under Attack: 0-Day Used by Chinese APT for RCE and Persistence

CISA Warns: Actively Exploited Windows Zero-Days Added to KEV Catalog

2 min read

• Security

CISA Warns: Actively Exploited Windows Zero-Days Added to KEV Catalog

Do Son May 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, adding...

Read More Read more about CISA Warns: Actively Exploited Windows Zero-Days Added to KEV Catalog

Zero-Day Exploit Targets Gladinet CentreStack: Critical RCE Vulnerability

2 min read

• Security

Zero-Day Exploit Targets Gladinet CentreStack: Critical RCE Vulnerability

Do Son April 12, 2025

Hackers are actively exploiting a zero-day vulnerability to compromise secure Gladinet CentreStack file-sharing servers. According to a...

Read More Read more about Zero-Day Exploit Targets Gladinet CentreStack: Critical RCE Vulnerability

Critical CrushFTP Vulnerability (CVE-2025-31161) Exploited, Added to CISA KEV Catalog

2 min read

• Security

Critical CrushFTP Vulnerability (CVE-2025-31161) Exploited, Added to CISA KEV Catalog

Do Son April 10, 2025

A critical vulnerability in the CrushFTP product, actively exploited by malicious actors, has now been added to...

Read More Read more about Critical CrushFTP Vulnerability (CVE-2025-31161) Exploited, Added to CISA KEV Catalog