Cyber News

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-58360 (CVSS score: 8.2), an unauthenticated XML External Entity (XXE) flaw that affects all versions prior to
Read More

Related Posts

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell Exploitation Delivers Crypto Miners and New...

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Doc...

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

NANOREMOTE Malware Uses Google Drive API for Hidden Con...

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Active Attacks Exploit Gladinet's Hard-Coded Keys for U...

Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days

Microsoft Issues Security Fixes for 56 Flaws, Including...

The Impact of Robotic Process Automation (RPA) on Identity and Access Management

The Impact of Robotic Process Automation (RPA) on Ident...