Iran-nexus hackers target flaws in surveillance cameras

The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical ...
The Hacker News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches released by Broadcom.
SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
SecurityWeek

Zyxel Patches Critical Vulnerability in Many Device Models

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.
Bleeping Computer

QNAP fixes critical QVR remote command execution vulnerability

QNAP has released several security advisories today, one of them for a critical security issue that allows remote execution of arbitrary commands on vulnerable QVR systems, the company's video ...
Bleeping Computer

Latest Remote Command Execution news

Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025. Modern attacks have shifted focus to the browser, ...
CRN

Palo Alto Networks: ‘Critical’ Firewall Vulnerability Has Seen Exploitation

The flaw affecting some internet-exposed firewall management interfaces had been initially disclosed Nov. 8. A critical-severity vulnerability affecting some internet-exposed Palo Alto Networks ...