rce

Patch Alert: Wing FTP Exploited, Two Patch Tuesday Zero-Days, and a D-Link RCE That Doesn't Need a Login

John Z Black Mar 17, 2026

Vulnerabilities & Patching #vulnerabilities #cisa #kev #wing-ftp #patch-tuesday #dlink #rce #patching

Three vulnerability disclosures in one week across different parts of the stack. Wing FTP is actively exploited, March Patch Tuesday dropped two zero-days, and D-Link has an unauthenticated RCE in its DNS config.

Two Vulnerabilities, Two Patches, One Message: Critical Enterprise Flaws Need Immediate Attention

John Z Black Mar 15, 2026

Vulnerabilities & Patching #patch-management #microsoft #windows-11 #hpe #aruba #enterprise-security #rce #vulnerability

Microsoft shipped an emergency out-of-band RRAS patch days after Patch Tuesday. HPE has a switch vulnerability that lets attackers reset admin passwords with zero credentials. Both need patching now.

Veeam Has Seven Critical RCE Flaws and Ransomware Operators Are Paying Attention

John Z Black Mar 13, 2026

Vulnerability Intelligence #veeam #ransomware #rce #backup #patch #enterprise

Seven simultaneous unauthenticated RCE vulnerabilities in Veeam Backup & Replication. This is a ransomware operator's wishlist, and it all dropped at once. Patch now.