Threat Post

RCE Exploit Released for IBM Data Risk Manager

Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been identified that can lead to unauthenticated remote code execution (RCE) as root in vulnerable versions, according to ...
Bleeping Computer

New Echobot Variant Exploits 77 Remote Code Execution Flaws

46% of environments had passwords cracked, nearly doubling from 25% last year. Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data ...
Threat Post

SMBGhost RCE Exploit Threatens Corporate Networks

The release of a PoC for the Windows flaw known as “SMBGhost” could set off cyberattack waves, CISA warned. The release of a fully functional proof-of-concept (PoC) exploit for a critical, wormable ...
Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
CSOonline

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.