Skip to main content

Tag: code execution

30 articles

Bootloader circuit board with microcontroller and components on a neutral background.

U-Boot Flaws Expose Devices to Code Execution, Crashes

Six newly discovered flaws in U-Boot, a widely used bootloader, leave devices from home routers to data-center servers vulnerable to code execution and crashes, posing a significant risk to everything that loads after it. These vulnerabilities can be exploited before the operating system even starts, undermining the entire security chain.

Analyst 207
Laptop and smartphone sit on a minimalist desk in soft daylight.

OpenClaw Flaws Expose Hosts to Code Execution via WhatsApp

Three newly patched flaws in the OpenClaw personal AI assistant could let hackers execute code on your device via WhatsApp, putting sensitive data like SSH keys, AWS credentials, and GPG secrets at risk. This alarming vulnerability was addressed in OpenClaw version 2026.6.6.

Analyst 207
Laptop screen with blurred code on a cluttered modern office desk.

AI Security Tools Expose Vulnerability to Cyber-Attacks

Researchers have uncovered a chilling vulnerability in AI-powered security tools, allowing hackers to remotely execute malicious code and wreak havoc on even the most secure systems. This shocking exploit, demonstrated through a proof-of-concept attack on popular AI coding agents, highlights a critical weakness that leaves defenses wide open.

Analyst 207
Government facility with computer terminals and a laptop screen displaying a blurred warning message.

CISA Mandates Patching of Exploited Adobe ColdFusion Flaw

Adobe has issued a warning to patch a critical flaw, CVE-2026-48282, in ColdFusion versions 2025.9, 2023.20, and earlier, as attackers have already begun exploiting it just two hours after disclosure. Admins are urged to deploy the updates within 72 hours to prevent code execution on unpatched systems.

Analyst 207
Small industrial control system on a neutral surface with a factory background.

Vulnerabilities in FatFs Filesystem Expose Millions of Embedded Devices to Code Execution

Millions of embedded devices are at risk of code execution due to seven vulnerabilities in the widely-used FatFs filesystem, which can be easily exploited with physical access, effectively leading to a jailbreak. This set of flaws, ranging from medium to high severity, poses a significant threat to device security.

Analyst 207
Technicians work in a dimly lit server room with rows of rack-mounted equipment and cables on the floor.

libssh2 Flaw Exposes Clients to Code Execution Risk

A critical flaw in libssh2, known as CVE-2026-55200, can be exploited by a malicious SSH server to trigger memory corruption on a connecting client, with no credentials or user interaction required. This vulnerability can be easily triggered with a public proof-of-concept now available.

Analyst 207
Developer workstation with IDE open, laptop screen showing code, and terminal in background.

Amazon Q Developer Flaw Lets Malicious Repos Run Code via MCP Configs

A high-severity flaw in Amazon Q Developer, tracked as CVE-2026-12957, allowed malicious repositories to run commands and steal cloud credentials simply by being opened in an IDE. This vulnerability put developers at risk of having their sensitive AWS keys, cloud CLI tokens, and API secrets compromised.

Analyst 207
Dimly lit workspace with scattered notes and empty coffee cups, hinting at unease.

Cordyceps Flaws Compromise 300+ GitHub Repositories

A newly discovered flaw, dubbed Cordyceps, has left over 300 GitHub repositories vulnerable to exploitation by unauthenticated users, allowing for code execution, credential theft, and supply-chain compromise. This critical weakness can be easily exploited, putting countless open-source projects at risk.

Analyst 207
Modern software development setting with a laptop displaying a graphical interface on a neutral surface.

Microsoft Fixes AutoGen Studio Flaw That Enabled Code Execution

Microsoft swiftly squashed a potential code execution flaw in AutoGen Studio, ensuring the vulnerable code never made it to users via a PyPI release. The fix addressed a sneaky three-part vulnerability chain, dubbed AutoJack, that could have been exploited to run malicious code.

Analyst 207
Rows of storage servers and networking equipment in a large data center.

Google Vertex AI SDK Flaw Exposes Model Uploads to Hijacking

A newly discovered flaw in the Google Vertex AI SDK for Python left model uploads vulnerable to hijacking, allowing attackers to swap models and execute code within Google's serving infrastructure in a matter of seconds. This vulnerability, found by Palo Alto Networks Unit 42, could be exploited in just 2.5 seconds - a window of opportunity for attackers to wreak havoc.

Analyst 207
A clean and organized technology workspace with a laptop and development tools on a desk.

GitHub Disrupts Supply Chain Attacks by Blocking npm Install Scripts

GitHub is taking a bold step to safeguard the npm ecosystem by blocking install scripts from running by default, tackling the single largest code-execution surface in the ecosystem. This move, part of npm 12's release, aims to prevent supply chain attacks by requiring explicit permission for scripts to run.

Analyst 207
Developer workspace with laptop, terminal, and notes, hinting at software installation.

GitHub Bolsters npm Security to Thwart Supply-Chain Attacks

GitHub's upcoming npm v12 update is a game-changer for supply-chain security, as it will require explicit approval for automated actions like install scripts and dependency resolution that are often exploited by attackers. This move aims to shut down common code-execution paths and give developers, CI/CD pipelines, and security teams greater control over their code.

Analyst 207
Developer workstation with laptop, notes, and coding books under indoor lighting.

GitHub Overhauls npm Defaults to Thwart Script-Based Attacks

GitHub is taking a major step to boost npm security by changing its default settings to block automatic execution of install-time lifecycle scripts, a common vulnerability exploited in script-based attacks. Starting with npm 12, these scripts will require explicit permission to run, unless explicitly allowed via a new allowlist mechanism.

Analyst 207
Node.js application running on a laptop in a developer's workspace with daylight in the background.

Protobuf.js Vulnerabilities Expose Node.js Apps to Code Execution, DoS

A single malicious protobuf schema could be all it takes to trigger crashes, corrupt runtimes, or even execute code in vulnerable Node.js apps, warns Cyera security researcher Assaf Morag. Six newly identified vulnerabilities in protobuf.js, known as Proto6, carry high severity scores and could put your app at risk.

Analyst 207
A smartphone with a blank screen sits on a clean, neutral surface in a softly blurred modern setting.

Google patches actively exploited Android zero-day flaw amid June security updates

Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

Analyst 207
Blurred laptop in foreground, rows of servers in background, with out-of-focus cables and wires.

AI Agent Executes End-to-End Cyberattack in Under an Hour

In a chilling demonstration of speed and stealth, a sophisticated AI agent executed a devastating cyberattack from start to finish in under an hour, exploiting a vulnerable marimo notebook to gain code execution and ultimately exfiltrating a PostgreSQL database. This alarming intrusion highlights the lightning-fast potential of modern cyber threats.

Analyst 207
Blurred computer terminal surrounded by development notes and empty coffee cups in a brightly-lit coding environment.

GitHub Actions Supply Chain Attack Exfiltrates CI/CD Credentials

A sneaky supply chain attack on GitHub Actions has led to the theft of CI/CD credentials, with hackers using a clever trick to redirect tags to fake commits that hide malicious code. By masquerading as legitimate commits, attackers were able to execute arbitrary code and evade pull request reviews.

Analyst 207
Generic computer server or network equipment rack in a data center setting.

NGINX Vulnerability Exposes Servers to DoS, Potential Code Execution

A critical vulnerability, CVE-2026-42945, has been lurking in NGINX's code for 18 years, exposing servers to potential DoS attacks and code execution - and affecting a staggering third of the top-ranked websites. This heap buffer overflow flaw, rated 9.2 in severity, is a wake-up call for NGINX users to take immediate action.

Analyst 207
Rows of computer servers and networking equipment in a brightly-lit mail server room.

Exim BDAT Flaw Exposes GnuTLS Builds to Code Execution Risk

A newly discovered vulnerability, dubbed Dead.Letter, threatens Exim builds that use GnuTLS, allowing attackers to exploit a use-after-free flaw in BDAT handling and potentially execute malicious code. This critical flaw can be triggered when a specific sequence of BDAT and TLS commands is sent, leading to heap corruption and a heightened risk of code execution.

Analyst 207
Modern office workspace with a laptop and blank screen under ambient daylight.

vm2 Library Vulnerabilities Enable Sandbox Escape and Code Execution

A dozen critical vulnerabilities in the vm2 Node.js library can be exploited by hackers to break free from sandbox restrictions and run malicious code on vulnerable systems. This serious security flaw has been assigned high CVSS scores, emphasizing the urgent need for users to patch their systems.

Analyst 207
Modern workspace with laptop and coding elements in natural daylight.

Vm2 Sandbox Flaw Exposes Host Systems to Code Execution Risk

A critical vulnerability, CVE-2026-26956, in the popular vm2 Node.js library can allow attackers to break free from the sandbox and execute malicious code on your host system, putting your entire environment at risk. To stay safe, upgrade to vm2 version 3.10.5 or later, or 3.11.2 for the latest protection.

Analyst 207
Terminal screen with blurred background of cluttered workstation, symbolic terrarium container broken.

Terrarium Sandbox Flaw Enables Code Execution, Container Escape

A critical flaw in Terrarium's sandbox, rated 9.3 on the CVSS scale, allows attackers to break free from container constraints and execute code with root privileges. This alarming vulnerability, tracked as CVE-2026-5752, stems from a JavaScript prototype chain traversal that lets sandboxed code run amok on the host Node.js process.

Analyst 207
Fragmented code scroll hovers and reassembles in mid-air amidst shattered code shards, set against a dark tech company HQ…

Google Fixes Antigravity Flaw That Enabled Code Execution

Google's Antigravity tool, designed to streamline coding, had a flaw that allowed hackers to run malicious code - but luckily, the tech giant has patched the vulnerability. This fix prevents cyber threats that could have exploited the tool's file-creation capabilities and lax input sanitization.

Analyst 207
Lone figure in shadows holds cracked smartphone, near eerie glowing laptop, against ominous cityscape backdrop.

Protobuf library flaw enables remote JavaScript code execution

A critical flaw in the popular protobuf.js library has been exposed, allowing hackers to execute JavaScript code remotely - and a proof-of-concept exploit has already been published, putting countless systems at risk.

Analyst 207