Bleeping Computer

Latest Command Injection news

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...
Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...
CSOonline

Misconfigured MCP servers expose AI agent systems to compromise

Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command ...
heise online

Palo Alto plugs high-risk loopholes in PAN-OS and GlobalProtect

Palo Alto Networks distributes updated software – to plug security leaks in PAN-OS and GlobalProtect, some of which are highly risky. The manufacturer plays down the risk of the vulnerabilities in its ...