SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
Bleeping Computer

QNAP fixes critical QVR remote command execution vulnerability

QNAP has released several security advisories today, one of them for a critical security issue that allows remote execution of arbitrary commands on vulnerable QVR systems, the company's video ...
SecurityWeek

Zyxel Patches Critical Vulnerability in Many Device Models

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.
Bleeping Computer

Latest Remote Command Execution news

Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025. Modern attacks have shifted focus to the browser, ...
Hosted on MSN

Libraseva urges users to patch now as it issues emergency fix following attacks

Libraesva patched CVE-2025-59689, a medium-severity remote command execution vulnerability Attack exploited compressed email attachments; threat actor likely a ...
Cybernews

Cyber pros find vulnerability in Samsung Tizen OS

The vulnerability poses minimal direct risk but still allows circumvention of the controls Samsung uses to restrict operating ...
CSOonline

Critical remote code execution flaw fixed in popular terminal app for macOS

A security audit sponsored by Mozilla uncovered a critical remote code execution (RCE) vulnerability in iTerm2, a popular open-source terminal app for macOS. The flaw can be exploited if an attacker ...
Threat Post

F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs

The F5 flaws could affect the networking infrastructure for some of the largest tech and Fortune 500 companies – including Microsoft, Oracle and Facebook. F5 Networks is warning users to patch four ...