Bleeping Computer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...
Infosecurity Magazine

Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a ...
Dark Reading

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug

PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) ...
CSOonline

Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a ...