A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours after its public disclosure, according to the Sysdig Threat Research Team. The vulnerability, tracked as CVE-2026-39987 with a severity score of 9.3 out of 10, affects…
Tag: preauthentication
Exploits, Global Security News
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. […]
Exploits, Global Security News, Security
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published online. […]
AI, Don't miss, Enterprise, Exploits, Global Security News, Government, Hot stuff, News
Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells
A massive wave of exploitation attempts has followed the disclosure of CVE-2026-1281, a critical pre-authentication Ivanti EPMM vulnerability, the Shadowserver Foundation has warned. Some of it is automated scanning for vulnerable systems, but according to Greynoise and Defused, a suspected initial access broker has been prepping unpatched instances with a “sleeper” webshell for follow-on exploitation…