CISA Warns of Exploited Magento Extension Flaw

A critical flaw in the Mirasvit Full Page Cache Warmer Magento extension, tracked as CVE-2026-45247, has been exploited by hackers, allowing them to execute remote code without authentication. This vulnerability, rated 9.8 on the CVSS scale, enables attackers to wreak havoc by supplying a malicious PHP object in the CacheWarmer…

https://osintsights.com/cisa-warns-of-exploited-magento-extension-flaw?utm_source=mastodon&utm_medium=social

#MagentoExtensionFlaw #Cve202645247 #DeserializationVulnerability #RemoteCodeExecution #Cisa

Microsoft Fixes SharePoint Flaw That Exposes Servers to Remote Code Execution

Microsoft just patched a high-severity flaw in SharePoint that could let hackers execute malicious code remotely - and it's crucial you update your servers ASAP to stay safe. The vulnerability, tracked as CVE-2026-45659, has a CVSS score of 8.8, making it a prime target for attackers.

https://osintsights.com/microsoft-fixes-sharepoint-flaw-that-exposes-servers-to-remote-code-execution?utm_source=mastodon&utm_medium=social

#RemoteCodeExecution #Sharepoint #Cve202645659 #Microsoft #DeserializationVulnerability

⚠️ MASSIVE SECURITY BREACH IMMINENT: Unauthenticated attackers can hijack HestiaCP servers via Deserialization Vulnerabil

#CybersecurityVulnerability #DeserializationVulnerability #HestiaCPExploit #RootLevelAccess #WebTerminalCompromise #cve #cybersecurity #iso27001

Someone found a Gem::SafeMarshal escape in Ruby! (Also, this blog is 🔥 for Ruby security research.)
https://nastystereo.com/security/ruby-safe-marshal-escape.html

#ruby #rubysec #securityresearch #vulnerabilityresearch #deserializationvulnerability

Python Serialization Vulnerabilities – Pickle: https://www.hackingarticles.in/python-serialization-vulnerabilities-pickle/

#webapplicationsecurity #deserializationvulnerability #python #pickle