Dark Reading

China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

A China-linked cyber-espionage group has attacked Taiwanese government agencies, the Philippine and Japanese military, and energy companies in Vietnam, installing either the Cobalt Strike client or a ...
Bleeping Computer

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...
Dark Reading

CISA: Attackers Breach Federal Agency via Critical GeoServer Flaw

The Cybersecurity and Infrastructure Security Agency (CISA) this week disclosed that threat actors breached a federal agency last year by exploiting a critical vulnerability in the open source ...
Bleeping Computer

CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks

CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. GeoServer is an open-source server that allows users to ...