News

The TechCrunch Cyber Glossary
This glossary includes the most common terms and expressions TechCrunch uses in our security reporting, and explanations of ...
Active! Mail RCE flaw exploited in attacks on Japanese orgs
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan ...
The Hacker News14h
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Threat actors exploited Craft CMS zero-days CVE-2025-32432 and CVE-2024-58136, compromising 300 of 13,000 vulnerable servers.
Hosted on MSN7mon
Critical remote code execution flaw in Apache OFBiz patched
The bug is an arbitrary code execution flaw, allowing threat actors to run any code on either Windows, or Linux servers. Apache OFBiz (short for Open For Business) is an open-source enterprise ...
The Hacker News4d
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
"A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without authentication," Commvault said in an advisory ...
CSO Online3d
Commvault warns of critical Command Center flaw
The flaw, tracked as CV-2025-34028, could allow remote attackers to execute arbitrary code without authentication on affected ...
SecurityWeek11d
Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking
Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP ...
CISA tags SonicWall VPN flaw as actively exploited in attacks
CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks ...
SecurityWeek14d
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit
A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet ...