TweakTown

Call of Duty: WWII taken offline after RCE vulnerability let hackers take over PCs

TL;DR: Activision Blizzard has taken Call of Duty: WWII on PC offline from the Xbox App due to a critical remote code execution vulnerability. This security flaw allows hackers to hijack PCs, causing ...
Bleeping Computer

Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks

Internet threat-monitoring non-profit Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) ...
Bleeping Computer

Broadcom fixes critical RCE bug in VMware vCenter Server

Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.
Dark Reading

Windows Zero-Day Bug Exploited for Browser-Led RCE

A Microsoft scripting engine vulnerability has been exploited as a zero-day in the wild, leading to unauthenticated attackers achieving remote code execution (RCE). Microsoft hasn’t released any ...
Dark Reading

Patch Now: Critical Fortinet RCE Bug Under Active Attack

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...
CSOonline

Hackers exploit unpatched Erlang/OTP to crack OT firewalls

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...
Neowin

Unity discloses severe RCE vulnerability, urges developers to apply patches

Unity has disclosed a particularly severe vulnerability affecting all games going back to 2017. Malicious actors can utilize this security issue to gain access to data on your machine. Unity is a ...
The Enterprise

Critical n8n Security Update: Public RCE Vulnerability PoC Now Available

SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI workflow platform is widely used by enterprises. CVE-2026-25049 shows why deep, ...
CRN

CISA Urges Patching For ‘Critical’ Ivanti Vulnerability

The cybersecurity agency encouraged organizations to address the remote code execution (RCE) vulnerability in Ivanti Standalone Sentry. CISA Thursday encouraged patching to address a critical-severity ...
Infosecurity-magazine.com

SolarWinds Web Help Desk Vulnerability Actively Exploited

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...