Bleeping Computer

New Spring Java framework zero-day allows remote code execution

A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a very ...
CSOonline

Microsoft demonstrates remote code execution exploit against PLCs that support CODESYS

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...
Bleeping Computer

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs

Update 4/9/24: Added information on two zero-day vulnerabilities that Microsoft did not initially mark as exploited. Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for ...