Security News

Critical AMI MegaRAC bug can let attackers hijack, brick servers
2025-03-18 15:29

​A new critical severity vulnerability found in American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable...

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
2025-03-18 13:31

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out...

Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware
2025-03-07 11:31

Which is why taking down chiefs and infra behind big name brand operations isn't working Interview There's a handful of cybercriminal gangs that Jason Baker, a ransomware negotiator with...

Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
2025-03-06 15:39

Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. [...]

Rubrik rotates authentication keys after log server breach
2025-03-03 20:53

Rubrik disclosed last month that one of its servers hosting log files was breached, causing the company to rotate potentially leaked authentication keys. [...]

New OpenSSH flaws expose SSH servers to MiTM and DoS attacks
2025-02-18 17:07

OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]

Microsoft fixes bug causing Windows Server 2025 boot errors
2025-02-14 11:18

​Microsoft has fixed a known issue causing "boot device inaccessible" errors during startup on some Windows Server 2025 systems using iSCSI. [...]

Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
2025-02-13 18:26

The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. [...]

DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects
2025-02-10 09:44

Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimization (SEO) manipulation campaign designed to install BadIIS...

Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
2025-02-07 18:42

Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial...