MUST READ

Ni8mare flaw gives unauthenticated control of n8n instances

 | 

Misconfigured email routing enables internal-spoofed phishing

 | 

Veeam resolves CVSS 9.0 RCE flaw and other security issues

 | 

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

 | 

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

 | 

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

 | 

Google fixes critical Dolby Decoder bug in Android January update

 | 

Resecurity Went on the Cyber Offensive - When 'Shiny Objects' trick 'Shiny Hunters'

 | 

Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025

 | 

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

 | 

The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act

 | 

VVS Stealer, a new python malware steals Discord credentials

 | 

Resecurity Caught ShinyHunters in Honeypot

 | 

What is happening to the Internet in Venezuela? Did the U.S. use cyber capabilities?

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78

 | 

Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

President Trump blocks $2.9M Emcore chip sale over security concerns

 | 

French authorities investigate AI ‘undressing’ deepfakes on X

 | 

Thousands of ColdFusion exploit attempts spotted during Christmas holiday

 | 

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

 | 

GeoServer

Pierluigi Paganini December 12, 2025
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer flaw, tracked as CVE-2025-58360 (CVSS Score of 8.2), to its Known Exploited Vulnerabilities (KEV) catalog. GeoServer is an open-source server that allows users to share and edit geospatial […]

Pierluigi Paganini September 24, 2025
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is a critical remote code execution (RCE) issue. In mid-July 2024, the U.S. Cybersecurity and Infrastructure […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ni8mare flaw gives unauthenticated control of n8n instances

Security / January 07, 2026

Misconfigured email routing enables internal-spoofed phishing

Hacking / January 07, 2026

Veeam resolves CVSS 9.0 RCE flaw and other security issues

Security / January 07, 2026

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Hacking / January 07, 2026

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

Cyber Crime / January 07, 2026