A proof-of-concept exploit has been publicly released for CVE-2025-9501, a critical, unauthenticated command-injection vulnerability affecting W3 Total Cache, one of WordPress’s most widely deployed caching plugins. With over 1 million active installations, the vulnerability poses a significant risk to countless websites worldwide. RCE Security discovers that the flaw exists in W3 Total Cache’s dynamic content […] The post PoC released for W3 Total Cache Vulnerability that Exposes 1+ Million Websites to RCE Attacks appeared first on Cyber Security News.

As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments. Security researchers at Oligo Security have uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting major AI frameworks from Meta, NVIDIA, Microsoft, and PyTorch projects, including vLLM and SGLang. The vulnerabilities, collectively termed “ShadowMQ,” stem from the […] The post Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks appeared first on Cyber Security News.

A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched by CloudLinux, allows attackers to execute arbitrary commands and potentially take complete control of hosting servers. Patchstack researchers discovered a flaw in Imunify360 AV’s deobfuscation logic used […] The post Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks appeared first on Cyber Security News.