Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
CSOonline

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

A remote code execution vulnerability in Spring Framework has sparked fears that it could have a widespread impact across enterprise environments. Spring is one of the most popular open-source ...
Computing

Critical Redis vulnerability: tens of thousands at risk of remote code execution attacks

The Redis security team has issued a warning to system administrators and cloud infrastructure providers after discovering a critical vulnerability that could allow threat actors to remotely hijack ...
Bleeping Computer

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs

Update 4/9/24: Added information on two zero-day vulnerabilities that Microsoft did not initially mark as exploited. Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for ...