Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
SecurityWeek

Exploit Code Published for Critical Flowise RCE Vulnerability

Proof-of-concept (PoC) code has been published for a one-click RCE vulnerability in open source LLM building platform Flowise.
Bleeping Computer

Critical Windows Netlogon RCE flaw now exploited in attacks

The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon ...
Bleeping Computer

Veeam warns of critical flaws exposing backup servers to RCE attacks

Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. VBR is enterprise data ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...
Dark Reading

Windows Zero-Day Bug Exploited for Browser-Led RCE

A Microsoft scripting engine vulnerability has been exploited as a zero-day in the wild, leading to unauthenticated attackers achieving remote code execution (RCE). Microsoft hasn’t released any ...