SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...
Bleeping Computer

Palo Alto Networks warns of potential PAN-OS RCE vulnerability

Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS ...
heise online

Vulnerability in PyTorch allows command injection via RPC on the master node

A vulnerability in the machine learning framework allows arbitrary code to be executed on the master node during distributed training. The CERT-Bund of the BSI warns of a vulnerability in PyTorch that ...
TechRadar

Business routers vulnerable to OS command injection attack

Multiple business router models, built by the Taiwanese networking giant Zyxel, carried a critical vulnerability which allowed malicious actors to run any command, remotely. The manufacturer recently ...
Dark Reading

Max-Critical Cisco Bug Enables Command-Injection Attacks

Cisco is warning of a critical security vulnerability found in its Unified industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) access points that could allow an ...
Bleeping Computer

CISA orders agencies to patch BeyondTrust bug exploited in attacks

CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding ...
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...