Researchers exploited a vulnerability in CodeRabbit, an AI code review tool, allowing them to achieve remote code execution (RCE) and gain read/write access to 1 million repositories. The exploitation involved creating a malicious pull request that leveraged a flaw in the integration of external static analysis tools, leading to the leakage of sensitive API tokens and secrets. CodeRabbit quickly remediated the vulnerabilities after disclosure, enhancing their security measures in response.

A long-standing deserialization vulnerability in SnakeYAML, which allowed for remote code execution in Java applications, was finally addressed after years of community discussion and a pivotal conversation between a security researcher and the library's maintainer. The change led to SnakeYAML 2.0 adopting secure defaults, preventing unsafe instantiation of classes from YAML tags unless explicitly configured. This shift highlights the importance of secure design in libraries and the need for developers to be aware of potential risks.

A critical remote code execution vulnerability (CVE-2025-30065) has been found in all versions of Apache Parquet up to 1.15.0, allowing attackers to exploit specially crafted Parquet files for malicious purposes. Users are urged to upgrade to version 1.15.1 to mitigate the risk, which is particularly significant for big data environments and analytics systems that rely on Parquet files. Although no active exploitation has been reported yet, the potential for severe impact remains high due to the widespread use of this format.

Citrix has addressed three vulnerabilities in its NetScaler ADC and Gateway, including a critical remote code execution flaw (CVE-2025-7775) that is being actively exploited. Users are urged to update their firmware as there are no available mitigations for the vulnerability. Additional vulnerabilities related to memory overflow and improper access control have also been identified and patched.

A security researcher discovered a significant remote code execution (RCE) vulnerability in ASUS's DriverHub software, which could be exploited due to inadequate origin checks in its RPC communication. The researcher detailed the exploit chain that could allow malicious code execution through ASUS-signed executables, ultimately leading to a successful report and patch from ASUS.