Decades-old command resurfaces in modern malware campaigns

The "finger" command remains exploitable for remote code execution even after years of disuseAttackers use batch scripts to ...
Digital Journal

Microsoft’s SharePoint server remote code execution zero-day vulnerability

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...
Bleeping Computer

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...
The Register on MSN

Weaponized file name flaw makes updating glob an urgent job

PLUS: CISA issues drone warning; China-linked DNS-hijacking malware; Prison for BTC Samourai; And more Infosec In Brief ...
SecurityWeek

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

A recently patched Oracle Identity Manager vulnerability tracked as CVE-2025-61757 may have been exploited as a zero-day.
Dark Reading

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild.