TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.
CSOonline

Gladinet file sharing zero-day brings patched flaw back from the dead

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...
CSOonline

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.
Infosecurity-magazine.com

Vulnerability in Windows Driver Leads to System Crashes

A newly discovered vulnerability, identified as CVE-2024-6768, has surfaced in the Common Log File System (CLFS.sys) driver of Windows. This issue, identified by Fortra cybersecurity researcher, ...
Hosted on MSN

WinRAR exploit enables attackers to run malicious code on your PC — critical vulnerability patched in latest beta update

A significant security exploit in WinRAR, the popular file archiver software, was recently reported via Trend Micro’s Zero Day Initiative. The directory traversal vulnerability identified as ...
Dark Reading

1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam

A researcher has released a proof-of-concept (PoC) exploit and analysis for a critical vulnerability, tracked as CVE-2024-40711, used in Veeam's backup and replication software. As an unauthenticated ...
Dark Reading

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...