One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE

Score: 72/100 CSO Online 15 hours ago Part of cluster #1214

A critical vulnerability in OCI’s Code Editor exposed enterprise environments to RCE and privilege escalation risks, highlighting the dangers of implicit trust in integrated cloud tools. A now-patched vulnerability in Oracle Cloud Infrastructure’s (OCI) Code Editor exposed users to remote code execution (RCE) attacks with just a single click. Discovered by Tenable Research, the flaw could allow attackers to upload malicious files to a victim’s Cloud Shell environment and potentially pivot to bro...

Continue Reading on Original Site

Recommended Articles

UK NCSC Announces Software Vulnerability Initiative

UK NCSC Announces Software Vulnerability Initiative

Data Breach Today UK 1 hour ago

Application Security,Governance & Risk Management, -Generation Technologies & Secure Development UK NCSC Announces Software Vulnerability Initiative Credit Eligible Get Permission The U.K. National Cy...

Co-op confirms data of 6.5 million members stolen in cyberattack

Co-op confirms data of 6.5 million members stolen in cyberattack

BleepingComputer 6 hours ago

Co-op confirms data of 6.5 million members stolen in cyberattack Lawrence Abrams July 16, 2025 06:29 PM 0 UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the ma...

Ryuk ransomware operator extradited to US, faces five years in federal prison

Ryuk ransomware operator extradited to US, faces five years in federal prison

CyberScoop 7 hours ago

An Armenian national is in federal custody and faces charges stemming from their alleged involvement in a spree of attacks in 2019 and 2020 involving Ryuk ransomware, the Justice Department said Wedne...

North Korea Floods npm Registry with Malware

North Korea Floods npm Registry with Malware

Data Breach Today UK 2 hours ago

3rd Party Risk Management,Application Security,Governance & Risk Management North Korea Floods npm Registry with Malware Credit Eligible Get Permission North Korean threat actors escalated their softw...

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

BleepingComputer 13 hours ago

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware Ionut Ilascu July 16, 2025 11:33 AM 0 A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies ...

Threat Intelligence

APT Groups 1

GhostEmperor

Ransomware 3

Hacked One silent

Malware 1

Guard

Attack Types 4

Cross-site Request Forgery Lateral Movement Privilege Escalation Remote Code Execution

Vulnerabilities 5

CSRF Cross-Site Request Forgery Privilege Escalation RCE Remote Code Execution

Business Intelligence

Companies 2

NVIDIA Oracle

Security Vendors 1

Tenable

Platforms 1

Linux

Information

Article ID: #3510
Published: 15 hours ago
Source: CSO Online