SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.