TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

By rooter

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution.
The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that could allow any guest user to perform arbitrary remote code execution through a request to the “/bin/get/Main/

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow

rooter
Cyber Security

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

rooter
Cyber Security

AI Agent Overload: How to Solve the Workload Identity Crisis

rooter

Leave a Reply

You Missed

News

As Moon interest heats up, two companies unveil plans for a lunar “harvester”

News

4-Body Problem: Astronomers Spot the Most Tightly Packed Quadruple Star System Yet

News

EA continues to ‘evolve’ The Sims 4 with new virtual currency and a ‘maker’ program

News

Unihertz’s new QWERTY phone is even more like a Blackberry