Threat Post

RCE Exploit Released for IBM Data Risk Manager

Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been identified that can lead to unauthenticated remote code execution (RCE) as root in vulnerable versions, according to ...
Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
Bleeping Computer

Hackers exploit critical VMware RCE flaw to install backdoors

Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, that affects in VMware Workspace ONE Access (formerly called VMware Identity Manager).
Dark Reading

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A proof-of-concept exploit (PoC) for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation. The vulnerability, tracked under CVE-2024-23108, was ...