RCE – NuclearCoffee

Hacker news

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

On Mar 20, 2026 6:30 pm, by NuclearCoffee

Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables… Continue reading

Hacker news

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

On Mar 18, 2026 1:41 pm, by NuclearCoffee

Ravie LakshmananMar 18, 2026Vulnerability / Data Protection Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an… Continue reading

Hacker news

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

On Mar 17, 2026 7:24 pm, by NuclearCoffee

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a… Continue reading

Hacker news

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

On Mar 12, 2026 6:35 am, by NuclearCoffee

Ravie LakshmananMar 12, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited… Continue reading

Hacker news

OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

On Feb 19, 2026 4:18 pm, by NuclearCoffee

Ravie LakshmananFeb 19, 2026Cybersecurity / Hacking News The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are… Continue reading

Hacker news

AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

On Feb 12, 2026 1:23 pm, by NuclearCoffee

Ravie LakshmananFeb 12, 2026Cybersecurity / Hacking News Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new… Continue reading

Hacker news

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

On Feb 09, 2026 10:13 pm, by NuclearCoffee

Ravie LakshmananFeb 09, 2026Enterprise Security / Network Security BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products… Continue reading

Hacker news

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

On Feb 09, 2026 4:07 pm, by NuclearCoffee

Ravie LakshmananFeb 09, 2026Vulnerability / Endpoint Security Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD)… Continue reading

Hacker news

Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

On Feb 05, 2026 2:45 pm, by NuclearCoffee

Ravie LakshmananFeb 05, 2026Cybersecurity / Hacking News This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will… Continue reading

Hacker news

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

On Feb 04, 2026 6:25 pm, by NuclearCoffee

Ravie LakshmananFeb 04, 2026Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD)… Continue reading

Tag: RCE

Stay Connected