Tag: code execution
-
The Register: Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit
Source URL: https://www.theregister.com/2025/01/08/mitel_0_day_oracle_rce_under_exploit/ Source: The Register Title: Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit Feedly Summary: 3 CVEs added to CISA’s catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw, alongside a critical remote code execution vulnerability in Oracle WebLogic Server that has been exploited for at least…
-
The Register: MediaTek rings in the new year with a parade of chipset vulns
Source URL: https://www.theregister.com/2025/01/06/mediatek_chipset_vulnerabilities/ Source: The Register Title: MediaTek rings in the new year with a parade of chipset vulns Feedly Summary: Manufacturers should have had ample time to apply the fixes MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code…
-
Hacker News: GPON FTTH networks (in)security (2016)
Source URL: https://pierrekim.github.io/blog/2016-11-01-gpon-ftth-networks-insecurity.html#introduction Source: Hacker News Title: GPON FTTH networks (in)security (2016) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text delves into the (in)security of GPON FTTH networks, particularly focusing on vulnerabilities inherent in devices like the Optical Network Terminal (ONT) used by major ISPs in France. It uncovers significant threats, including…
-
Hacker News: Déjà vu: Ghostly CVEs in my terminal title
Source URL: https://dgl.cx/2024/12/ghostty-terminal-title Source: Hacker News Title: Déjà vu: Ghostly CVEs in my terminal title Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a critical security vulnerability in the Ghostty terminal emulator, reminiscent of issues previously documented in terminal emulators from 2003. It highlights how in-band signaling can expose users to…
-
The Register: Critical security hole in Apache Struts under exploit
Source URL: https://www.theregister.com/2024/12/17/critical_rce_apache_struts/ Source: The Register Title: Critical security hole in Apache Struts under exploit Feedly Summary: You applied the patch that could stop possible RCE attacks last week, right? A critical security hole in Apache Struts 2, patched last week, is now being exploited using publicly available proof-of-concept (PoC) code.… AI Summary and Description:…
-
The Register: Ransomware scum blow holes in Cleo software patches, Cl0p (sort of ) claims responsibility
Source URL: https://www.theregister.com/2024/12/16/ransomware_attacks_exploit_cleo_bug/ Source: The Register Title: Ransomware scum blow holes in Cleo software patches, Cl0p (sort of ) claims responsibility Feedly Summary: But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October patch was circumvented, leading to…
-
Simon Willison’s Weblog: Gemini 2.0 Flash: An outstanding multi-modal LLM with a sci-fi streaming mode
Source URL: https://simonwillison.net/2024/Dec/11/gemini-2/#atom-everything Source: Simon Willison’s Weblog Title: Gemini 2.0 Flash: An outstanding multi-modal LLM with a sci-fi streaming mode Feedly Summary: Huge announcment from Google this morning: Introducing Gemini 2.0: our new AI model for the agentic era. There’s a ton of stuff in there (including updates on Project Astra and the new Project…