TECH NEWS

No fix yet for critical Gogs RCE bug - exploit module is out

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since

There's a huge hole and no one is patching it thus far. A critical, remote code execution (RCE) bug in Gogs, a popular open-source self-hosted Git service, can be exploited by any authenticated user - no special privileges required - on a default installation to fully compromise vulnerable servers, steal credentials and multi-factor authentication secrets, or even modify code in hosted repositories in a wide-reaching supply-chain attack.

A security researcher reported the 9.4-rated flaw to project maintainers in mid-March. It still doesn’t have a patch. It does, however, have a public Metasploit module - so we’d expect reports of in-the-wild exploitation to start very soon.

The vulnerability affects all supported platforms, including Windows, Linux, and macOS, and installation methods,...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

https://techcrunch.com/wp-content/uploads/2025/03/GettyImages-ai-generated-eb728837-4a65-4ce4-b814-abd0c140d20c.jpg?w=1024

So you’ve heard these AI terms and nodded along; let’s fix that

Artificial intelligence is changing the world, and simultaneously inventing a whole new language to describe how it’s doing it. Spend five minutes reading about AI and you’ll run into LLMs, RAG, RLHF, and a dozen other terms that can make even very smart people in the tech world

https://hothardware.com/contentimages/NewsItem/70732/content/16x9_2133x1200_highres-charter-spectrum-shinyhunters-hack-news.jpg

Spectrum Owner Charter Says Data Breach Exposed 4.9 Million Accounts

The hacker group ShinyHunters has been on a tear this year, having compromised several organizations and leaking the information of those that refused to pay up. The latest data breach involves Charter Communications, which offers consumers and businesses broadband internet services through its Spectrum brand. The intrusion into Charter’s

https://i.pcmag.com/imagery/articles/01tLdu6Qewur3SpYbV2hdPh-1.fit_lim.size_1200x630.v1779824119.png

What to expect at Computex 2026: AI chips, budget PCs competing with the MacBook Neo, Nvidia entering laptop SoC market with the rumored N1X chip, and more

Sponsor Posts Niantic Spatial: Drone Imagery to Physical AI — Niantic Spatial and Spexi Geospatial partner to turn drone imagery into city-scale 3D intelligence for physical AI — on demand, geometrically accurate, and ready for simulation and training. A smarter way to text customers — This is a guest post by HostMyText.Imagine

https://www.cnet.com/a/img/resize/e22eb9a5b4e75e0c5764eb79225accd19562bb2b/hub/2026/05/29/17128bf0-0eb3-40f4-8194-2ed27e0e5515/sh-01988-r.jpg?auto=webp&fit=crop&height=675&width=1200

The Absolute Best Horror Movies on Hulu

Why You Can Trust CNET Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Reviews ethics statement Start the weekend off with the Sam Raimi-directed film Send Help. 3 min read

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Read more

So you’ve heard these AI terms and nodded along; let’s fix that

Spectrum Owner Charter Says Data Breach Exposed 4.9 Million Accounts

What to expect at Computex 2026: AI chips, budget PCs competing with the MacBook Neo, Nvidia entering laptop SoC market with the rumored N1X chip, and more

The Absolute Best Horror Movies on Hulu