Threats Tagged 'remote'
View all threats tagged with 'remote'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'remote'
Click on any threat for detailed analysis and mitigation recommendations
WhatsApp phishing attack uses fake business docs to hack PCs 0 A malware campaign is targeting WhatsApp users globally by sending deceptive VBScript files disguised as business and financial documents from compromised contacts. When executed on Windows, the VBScript disables User Account Control (UAC) protections and silently installs ManageEngine Endpoint Central software configured to connect to attacker-controlled servers, granting remote access to the victim's PC. The campaign affects multiple countries and uses localized filenames to increase effectiveness. The exact method of WhatsApp account compromise is unknown. Users are advised to verify files received via WhatsApp and scan them before execution. Join the discussion | Bleeping Computer | 06/22/2026, 22:42:21 UTC Added: 06/22/2026, 23:09:13 UTC |
FFmpeg fixes PixelSmash flaw in widely used video decoder 0 The PixelSmash vulnerability (CVE-2026-8461) is a heap out-of-bounds write flaw in the MagicYUV decoder of FFmpeg's libavcodec library. It affects video files in AVI, MKV, and MOV formats and can be triggered by opening or scanning such files. This flaw can cause denial-of-service conditions in multiple media applications and potentially enable remote code execution (RCE) on Jellyfin and Nextcloud servers under specific conditions. Exploitation for RCE requires Address Space Layout Randomization (ASLR) to be disabled or chained with another vulnerability to bypass this protection. FFmpeg version 8.1.2 addresses this issue, and some applications have implemented mitigations such as disabling vulnerable decoders or adding file format blocklists. Join the discussion | Bleeping Computer | 06/22/2026, 21:05:01 UTC Added: 06/22/2026, 21:09:14 UTC |
AutoJack: How a single page can RCE the host running your AI agent 0 AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers can trigger arbitrary process execution through AutoGen Studio’s MCP WebSocket. The research highlights a broader pattern - when agents can browse untrusted content and access local services, traditional boundaries like localhost are no longer secure. The post AutoJack: How a single page can RCE the host running your AI agent appeared first on Microsoft Security Blog . Join the discussion | Microsoft Security Blog | 06/19/2026, 00:17:54 UTC Added: 06/20/2026, 00:04:36 UTC |
CryptoBandits Malware Doubles as a Backdoor, Abuses Tor 0 CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution. The post CryptoBandits Malware Doubles as a Backdoor, Abuses Tor appeared first on SecurityWeek . Join the discussion | SecurityWeek | 06/19/2026, 11:19:41 UTC Added: 06/19/2026, 11:20:08 UTC |
F5 Patches Critical, High-Severity NGINX Vulnerabilities 0 Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek . Join the discussion | SecurityWeek | 06/18/2026, 09:39:24 UTC Added: 06/18/2026, 09:50:04 UTC |
Exploit-DB RSS Feed | 05/29/2026, 00:00:00 UTC Added: 06/17/2026, 11:08:10 UTC | |
Grav CMS 2.0.0-beta.2 - Remote Code Execution 0 Grav CMS 2.0.0-beta.2 - Remote Code Execution Join the discussion | Exploit-DB RSS Feed | 05/26/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC |
Exploit-DB RSS Feed | 05/27/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:39 UTC | |
MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution 0 MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution Join the discussion | Exploit-DB RSS Feed | 05/29/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:38 UTC |
Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution 0 Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution Join the discussion | Exploit-DB RSS Feed | 05/29/2026, 00:00:00 UTC Added: 06/17/2026, 11:03:38 UTC |
Showing 1 to 10 of 92 results