CSO Online

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...
CSOonline

Microsoft demonstrates remote code execution exploit against PLCs that support CODESYS

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...
Bleeping Computer

Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now

Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several Zoho ManageEngine products. Tracked ...
Ars Technica

0-day remote execution exploit in the wild for Firefox

As yet it appears the vulnerability is unpatched or only patched in nightlies, so go that bit more careful if you're using Firefox. Its likely a Chinese payload, no word on what the exploit is ...

Zero-day allows code execution in WindChill and FlexPLM

The manufacturer warns and urges admins to urgently secure their instances with a workaround. A patch is still pending.
Computerworld

Windows exploit code coming

As Microsoft recommends that users focus first on installing the MS09-065 patch released Tuesday, experts are agreeing with that advice because exploit code for remote execution appears to be right ...
Morning Overview on MSN

Leaked iPhone exploit kit on GitHub targets older iOS versions

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities ...