Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...
The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.
SecurityWeek

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

Threat actors are exploiting CVE-2025-53521, a critical F5 BIG-IP vulnerability that has been reclassified as a remote code execution issue.
TweakTown

Call of Duty: WWII taken offline after RCE vulnerability let hackers take over PCs

TL;DR: Activision Blizzard has taken Call of Duty: WWII on PC offline from the Xbox App due to a critical remote code execution vulnerability. This security flaw allows hackers to hijack PCs, causing ...