servers
-
Blog
Critical Langflow RCE flaw exploited to hack AI app servers
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. The vulnerability is tracked as CVE-2025-3248 and is a critical unauthenticated RCE flaw that allows any attacker on the internet to take full control of vulnerable Langflow servers by exploiting an…
Read More » -
Blog
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was released by F5 Labs researchers who investigated the vulnerability after finding that multiple existing PoCs were either weak or completely non-functional. The tool serves as proof of CVE-2025-30065’s practical exploitability and can…
Read More » -
Blog
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP NetWeaver is an application server and development platform that runs and connects SAP and non-SAP applications across different technologies. Last week, SAP disclosed an unauthenticated file upload vulnerability, tracked as CVE-2025-31324, in SAP NetWeaver Visual Composer,…
Read More » -
Blog
Hitachi Vantara takes servers offline after Akira ransomware attack
Hitachi Vantara, a subsidiary of Japanese multinational conglomerate Hitachi, was forced to take servers offline over the weekend to contain an Akira ransomware attack. The company provides data storage, infrastructure systems, cloud management, and ransomware recovery services to government entities and some of the world’s biggest brands, including BMW, Telefónica, T-Mobile, and China Telecom. In a statement shared with BleepingComputer,…
Read More » -
Blog
Police detains Smokeloader malware customers, seizes servers
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. During Operation Endgame last year, more than 100 servers used by major malware loader operations (e.g. IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, SystemBC) were seized. In a press release today, Europol informs that the operation continues as law enforcement officers analyze the…
Read More » -
Blog
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. The flaw was disclosed yesterday and affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds. The company fixed it in version 12.3.1 (build 12.3.1.1139), which was released yesterday. According to a technical writeup by watchTowr Labs, who…
Read More » -
Blog
Why government email servers are top targets for state-backed hackers
State-backed hackers have accelerated attacks on government email servers in recent years, and it’s a trend that experts told ITPro will only get worse. The prediction comes after a threat group with reported links to Chinese espionage activities breached email servers belonging to the Belgian intelligence agency. On Wednesday February 26th, the Belgian federal prosecutor announced it had launched a…
Read More » -
Blog
Elon Musk doesn’t work for DOGE, says White House as battle for government servers intensifies – Computerworld
Furthermore, “The intelligence team recommended the DOGE members be monitored as an insider threat. Critically, they called for “suspending” any access to payment systems and “conducting a comprehensive review of all actions they may have taken on these systems,” it continued. “Mr. Musk has gained sweeping and unprecedented access to sensitive data, information, systems, and technological and financial infrastructure across…
Read More » -
Blog
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of Zservers were accused of facilitating LockBit ransomware attacks and supporting…
Read More » -
Blog
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. Trimble Cityworks is a Geographic Information System (GIS)-centric asset management and work order management software designed primarily for local governments, utilities, and public works organizations. The product helps municipalities and infrastructure…
Read More »