Weaver E-cology critical bug exploited in attacks since March

Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining

Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...
The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
Windows Report

GitHub Patches Severe RCE Flaw Impacting Enterprise Server Deployments

GitHub patched critical RCE flaw CVE-2026-3854 in hours, preventing potential repo takeover and enterprise server compromise.

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
Hosted on MSN

Hackers are exploiting a critical RCE Flaw in a popular FTP server — here's what you need to know

Hackers launched attacks just one day after the flaw’s full technical write-up was made public Many servers stayed vulnerable for weeks despite a fix being released long before the disclosure Null ...

Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a ...
CSO Online

Critical Cursor bug could turn routine Git into RCE

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...
GosuGamers

Call of Duty: WWII pulled from Xbox PC Game Pass amid RCE exploit chaos

The Xbox PC release was probably supposed to be a quiet drop, but what players got instead were pop-ups, downloads, and a lawyer’s face on their desktop. Activision has removed Call of Duty: WWII from ...

Miggo Security Launches Miggo Pulse: The First End-to-End Defense Against AI-Accelerated Exploitation

Miggo Security, the leading Application Detection and Response and AI Runtime Defense platform, today announced the launch of Miggo Pulse. Its end-to-end capabilities provide security teams with a ...