Infosecurity Magazine

Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a ...
Morning Overview on MSN

Leaked iPhone exploit kit on GitHub targets older iOS versions

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities ...
CSOonline

Microsoft demonstrates remote code execution exploit against PLCs that support CODESYS

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...
Bleeping Computer

Critical Ivanti RCE flaw with public exploit now used in attacks

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Zero-day allows code execution in WindChill and FlexPLM

The manufacturer warns and urges admins to urgently secure their instances with a workaround. A patch is still pending.
The Hacker News

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks

Coruna reuses Triangulation kernel exploits targeting iOS 13–17.2.1 devices, expanding attacks into mass exploitation ...
Bleeping Computer

Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now

Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several Zoho ManageEngine products. Tracked ...