Resources

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution.
The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that could allow any guest user to perform arbitrary remote code execution through a request to the “/bin/get/Main/

Related resources

31 January 2026

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The […]

13 August 2025

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across its software portfolio, including one flaw that has been disclosed as publicly known at the […]

2 September 2025

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable […]

TR-25-0396 (Optimus Yazılım – Aracı Kurum Otomasyonu Güvenlik Bildirimi)

Finger.exe & ClickFix, (Sun, Nov 16th)

Resources

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Related resources

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us