The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...
Hackaday

Bluetooth Vulnerability: Arbitrary Code Execution On The ESP32, Among Others

Bluetooth has become widely popular since its introduction in 1999. However, it’s also had its fair share of security problems over the years. Just recently, a research group from the Singapore ...

This SmarterMail vulnerability allows remote code execution - here's what we know

A maximum-severity flaw was just patched, and users are urged to apply the fix immediately.
Hackaday

Arbitrary Code Execution Over Radio

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...
Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.