No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real ...

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...
GitHub

exchange_proxylogon_rce.rb

commands on the remote Microsoft Exchange Server. This vulnerability affects (Exchange 2013 Versions < 15.00.1497.012, Exchange 2016 CU18 < 15.01.2106.013, Exchange ...
GitHub

metasploit-modules

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the ...
ZDNet

BlueKeep exploit to get a fix for its BSOD problem

Currently, the only public proof-of-concept exploit code for the infamous BlueKeep vulnerability is a module for the Metasploit penetration testing framework. The BlueKeep Metasploit module was put ...
IEEE

Applied Comparative Evaluation of the Metasploit Evasion Module

Abstract: The great revitalization of information and communication technologies has facilitated broad connectivity to the Internet. However, this convenience in terms of connectivity comes with ...
SecurityWeek

New Terror Exploit Kit Emerges

After the fall of the Nuclear and Angler exploit kits (EKs), overall activity generated from exploit kits has dropped to only a fraction of what used to be ...