Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.
Bleeping Computer

Apache fixes remote code execution bypass in Tomcat web server

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...
Infosecurity Magazine

Zero-Click FreeScout Bug Enables Remote Code Execution

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction ...

India's cyber security agency has issued security alert for Google Chrome browser: Check if you are affected and how to fix it

CERT-In has issued a high-severity warning for Google Chrome users, citing vulnerabilities that could allow remote code execution. The advisory urges users to update their browser to the latest ...
SecurityWeek

SolarWinds Patches Four Critical Serv-U Vulnerabilities

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.
SecurityWeek

VMware Aria Operations Vulnerability Could Allow Remote Code Execution

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Microsoft plugs remote code vulnerability in Notepad app on Windows 11

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown files. Here are the details ...