Drupal, the widely popular content management system for websites, has been found to have a "highly critical" remote code execution (RCE) vulnerability that requires immediate patching. The ...

Bricks Builder is a popular WordPress development theme that makes it easy to create attractive and fast performing websites in hours that would costs up to $20,000 of development time to do from ...

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...

SmarterMail administrators have an urgent security update to prioritize: a critical unauthenticated remote code execution (RCE) vulnerability with a CVSS score of 9.3 has been patched. The flaw is ...

Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server. The flaw (tracked as CVE-2023-42793 and tagged with a ...

RCE flaw and DNS zero-day top list of Patch Tuesday bugs An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to ...

The cybersecurity agency encouraged organizations to address the remote code execution (RCE) vulnerability in Ivanti Standalone Sentry. CISA Thursday encouraged patching to address a critical-severity ...

A Microsoft scripting engine vulnerability has been exploited as a zero-day in the wild, leading to unauthenticated attackers achieving remote code execution (RCE). Microsoft hasn’t released any ...

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...