Polygon

Dark Souls PvP servers taken offline to fix dangerous exploit

FromSoftware and Bandai Namco are temporarily closing down player-versus-player multiplayer access to the Dark Souls games on Windows PC after a dangerous remote code execution (RCE) exploit became ...
Ars Technica

Vulnerability with 9.8 severity in Control Web Panel is under active exploit

Malicious hackers have begun exploiting a critical vulnerability in unpatched versions of the Control Web Panel, a widely used interface for web hosting. “This is an unauthenticated RCE,” members of ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
Bleeping Computer

Public Windows PrintNightmare 0-day exploit allows domain takeover

Update: Microsoft acknowledged PrintNightmare as a zero-day that has been affecting all Windows versions since before June 2021 security updates. Technical details and a proof-of-concept (PoC) exploit ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...
CSO Online

Gladinet servers file-sharing servers allow remote code execution

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
Ars Technica

CD-indexing cue files are the core of a serious Linux remote code exploit

It has been a very long time since the average computer user thought about .cue files, or cue sheets, the metadata bits that describe the tracks of an optical disc, like a CD or DVD. But cue sheets ...

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.
Polygon

Dark Souls maker fixing dangerous PC exploit, looking at impact on Elden Ring

Dark Souls series developer FromSoftware and publisher Bandai Namco offered fans an update on Wednesday on the dangerous exploit found in the Windows PC version of the games, which led to the ...
PC World

Hacker publishes alleged zero-day exploit for older Plesk versions

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject ...
Threat Post

Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw

UPDATE: Indicators of compromise are now available. The unredacted RCE exploit released on Monday allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service. A ...