Network World

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

The vendor has issued a patch to close four holes in its flagship Backup & Replication suite; version 13 users are advised to ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
CSOonline

Microsoft fixes dangerous zero-click Outlook remote code execution exploit

As part of its Patch Tuesday cycle, Microsoft has fixed a high-risk vulnerability in its Outlook desktop client that could be exploited by attackers to execute malicious code when opening a specially ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...