Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Bleeping Computer

Actively exploited Apache 0-day also allows remote code execution

Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...
WinBuzzer

10,000+ Claude Desktop Users Exposed by Zero-Click Flaw

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...
Bleeping Computer

Exploits released for critical Jenkins RCE flaw, patch now

Exploits available With abundant information about the Jenkins flaws now available, many researchers reproduced some of the attack scenarios and created working PoC exploits published on GitHub. The ...
SDxCentral

VU#529659: Howyar Reloader UEFI bootloader vulnerable to unsigned software execution

The Howyar UEFI Application “Reloader” (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded ...
Threat Post

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

The BrakTooth set of security vulnerabilities impacts at least 11 vendors’ chipsets. Researchers have disclosed a group of 16 different vulnerabilities collectively dubbed BrakTooth, which impact ...