Decades-old command resurfaces in modern malware campaigns

The "finger" command remains exploitable for remote code execution even after years of disuseAttackers use batch scripts to ...
Infosecurity Magazine

New GDI Flaws Could Enable Remote Code Execution in Windows

Flaws in Windows Graphics Device Interface (GDI) have been identified that allow remote code execution and information disclosure ...
Digital Journal

Microsoft’s SharePoint server remote code execution zero-day vulnerability

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...
SecurityWeek

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

A recently patched Oracle Identity Manager vulnerability tracked as CVE-2025-61757 may have been exploited as a zero-day.
Bleeping Computer

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...
Dark Reading

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild.