The Hacker News

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw ...

Fortinet FortiWeb flaw with public PoC exploited to create admin users

A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed ...
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode and blockchain C2 tricks.