Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for ...

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
ITmedia

SharePoint Serverにリモートコード実行を可能にする2つの脆弱性 PoCも ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 サイバーセキュリティの研究者が「Microsoft SharePoint Server」(以下、SharePoint Server)に存在する特権昇格の脆弱(ぜいじゃく)性およびリモートコード実行の脆弱性を利用して認証前リモート ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability.
SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code ...
マイナビニュース

AndroidにBluetooth経由で任意のコードが実行される脆弱性あり

Malwarebytesは12月7日(米国時間)、「Update now! Google patches Android vulnerability that allows remote code execution over ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...
マイナビニュース

IBM、Cobalt Strike 4.7.1に存在するリモートコード実行の脆弱性を報告

IBMは10月17日(米国時間)、「Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1」において、「Cobalt Strike 4.7.1」にリモートコード実行(RCE: Remote Code Execution)の脆弱性が存在すると伝えた。Cobalt Strike ...