The Hacker News

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Agence France-Presse

Energy Vault Enters Japanese Market with Acquisition of 850 MW Energy Storage Portfolio, Set to Capture One of the World’s Fastest-Growing Energy Storage Markets

Energy Vault Holdings, Inc. (NYSE: NRGV) (“Energy Vault” or the “Company”), a global leader in sustainable, grid-scale energy storage and AI compute infrastructure solutions, today announced its ...
Australian Broadcasting Corporation

Kent Quinlan asks Supreme Court to force Shell Power to hand over secret company documents

Former executive Kent Quinlan has asked the Supreme Court to force Shell to hand over secret company documents. Mr Quinlan claims he was laid off at the company because he raised concerns about ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Times Union

Paramount president Jeff Shell is stepping down from his post amid a legal battle

NEW YORK (AP) — Longtime media executive Jeff Shell is leaving Paramount, in a move that arrives amid a messy legal battle and the Skydance-owned company's ongoing efforts to take over Hollywood rival ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...