来自MSN

Alleged 7-Zip arbitrary code execution exploit leaked to Twitter — the 7-Zip author ...

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss it as ...
ZDNet

Code execution exploit dings iPhone

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...
Hackaday

Arbitrary Code Execution Over Radio

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the ...

Update your MyAsus software now because there's a fix for a nasty hack that could easily ...

You can also manually prompt it to get the latest update via the Microsoft Store by booting it up and finding the app. The ...
Ars Technica

Code execution 0-day in Windows has been under active exploit for 7 weeks

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...
The Hacker News

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro patched a critical Apex Central on-prem Windows flaw (CVE-2025-69258) with CVSS 9.8 that allows remote code ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to engage in remote code execution (RCE) attacks.
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

Trend Micro warns of critical Apex Central RCE vulnerability

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges.
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...