GeoServer Flaw Exploited in US Federal Agency Hack
The US cybersecurity agency CISA has shared details on the exploitation of a year-old GeoServer vulnerability to compromise a federal civilian executive branch (FCEB) agency.…
Category: SecurityWeek
GitHub Boosting Security in Response to NPM Supply Chain Attacks
In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and publishing rules meant to improve the NPM…
Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps
Web performance and security company Cloudflare reported on Tuesday that its systems blocked another record-breaking distributed denial-of-service (DDoS) attack. The latest record-breaking attack peaked at…
SonicWall Updates SMA 100 Appliances to Remove Overstep Malware
SonicWall has released a fresh software update for its SMA 100 appliances to help users remove the Overstep malware deployed in a recent campaign. As…
Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers
Libraesva has addressed a vulnerability in its integrated email security platform that has been exploited in the wild. Tracked as CVE-2025-59689 (CVSS score of 6.1),…
A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York
While close to 150 world leaders prepared to descend on Manhattan for the U.N. General Assembly, the U.S. Secret Service was quietly dismantling a massive…
Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack
Jaguar Land Rover said Tuesday that its production lines, shut down after a cyberattack in August, will remain at a halt until at least Oct.…
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack
Supermicro has patched two BMC vulnerabilities that can be exploited to perform malicious firmware updates on impacted devices. According to firmware security company Binarly, one…
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack
Supermicro has patched two BMC vulnerabilities that can be exploited to perform malicious firmware updates on impacted devices. According to firmware security company Binarly, one…
SolarWinds Makes Third Attempt at Patching Exploited Vulnerability
SolarWinds on Tuesday announced a hotfix for a remote code execution (RCE) vulnerability in Web Help Desk, and this is the third time it attempts…
ShadowV2 DDoS Service Lets Customers Self-Manage Attacks
A newly discovered distributed denial-of-service (DDoS) botnet targets misconfigured Docker containers for infection and offers a new service model where customers launch their own attacks,…
Unit 221B Raises $5 Million for Threat Intel Aiding Hacker Arrests
Threat intelligence firm Unit 221B has announced raising $5 million in a seed funding round led by J2 Ventures, with additional support from Pipeline Capital…