-
Dutch police seizes 250 servers used by “bulletproof hosting” service
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity.
- November 17, 2025
- 02:19 PM
2
-
New Supermicro BMC flaws can create persistent backdoors
Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images.
- September 24, 2025
- 04:13 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Linux wiper malware hidden in malicious Go modules on GitHub
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub.
- May 06, 2025
- 05:13 AM
- 0
-
HellCat hackers go on a worldwide Jira hacking spree
Swiss global solutions provider Ascom has confirmed a cyberattack on its IT infrastructure as a hacker group known as Hellcat targets Jira servers worldwide using compromised credentials.
- March 20, 2025
- 09:44 AM
- 0
-
Critical AMI MegaRAC bug can let attackers hijack, brick servers
A new critical severity vulnerability found in American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers.
- March 18, 2025
- 11:29 AM
- 0
-
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform.
- February 13, 2025
- 01:26 PM
- 0
-
PHP fixes critical RCE flaw impacting all versions for Windows
A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide.
- June 07, 2024
- 10:32 AM
- 0
-
Intel and Lenovo servers impacted by 6-year-old BMC flaw
An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo.
- April 11, 2024
- 12:50 PM
- 0
-
Ukraine claims it hacked Russian Ministry of Defense servers
The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
- March 04, 2024
- 10:41 AM
- 2
-
45k Jenkins servers exposed to RCE attacks using public exploits
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.
- January 29, 2024
- 05:06 PM
- 0
-
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
- December 02, 2023
- 01:54 PM
- 0
-
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
- November 01, 2023
- 02:05 PM
- 0
-
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers.
- September 26, 2023
- 10:20 AM
- 0
-
Toyota says filled disk storage halted Japan-based factories
Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running out of storage space.
- September 06, 2023
- 09:47 AM
- 1
-
P2PInfect server botnet spreads using Redis replication feature
Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect.
- July 31, 2023
- 11:31 AM
- 0
-
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution.
- July 24, 2023
- 04:34 PM
- 0
-
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers
Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International.
- July 20, 2023
- 12:30 PM
- 0
-
Hackers infect Linux SSH servers with Tsunami botnet malware
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner.
- June 20, 2023
- 01:50 PM
- 3
-
Emby shuts down user media servers hacked in recent attack
Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration.
- May 26, 2023
- 10:56 AM
- 2
-
CloudPanel installations use the same SSL certificate private key
Self-hosted web administration solution CloudPanel was found to have several security issues, including using the same SSL certificate private key across all installations and unintentional overwriting of firewall rules to default to weaker settings.
- March 23, 2023
- 11:56 AM
- 0
0
