A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by ...

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...

CVE-2025-53967 allows remote code execution via figma-developer-mpc command injection flaw Vulnerability stems from unvalidated input passed to shell commands using child_process.exec Users should ...

A newly identified malware campaign has been observed exploiting a command injection flaw in digital video recorder (DVR) devices to deploy a Mirai-based botnet, according to analysis by FortiGuard ...

SAP has released 15 new security notes, including two addressing critical code injection flaws in S/4HANA and Commerce.

Four newly discovered vulnerabilities in the fault simulation platform can lead to OS command injection and cluster takeover, even from unprivileged pods. Researchers have found critical ...

A critical vulnerability in OpenAI Group PBC’s Codex coding agent could have exposed sensitive GitHub authentication tokens through a command injection flaw, according to a new report out today from ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...

While more and more people are using AI for a variety of purposes, threat actors have already found security flaws that can turn your helpful assistant into their partner in crime without you even ...