In March and April 2024, the Ukrainian national cyber incident response team, CERT-UA, detected a significant cyberattack targeting the information and communication system (ICS) of a central executive body.
During forensic investigation, researchers identified a Windows-based server that had been repurposed as an unauthorized...
A critical Denial-of-Service (DoS) vulnerability (CVE-2025-XXXX) has been patched in CoreDNS’s DNS-over-QUIC (DoQ) server implementation.
The flaw allows remote attackers to crash instances by exploiting uncontrolled goroutine creation in QUIC stream handling, leading to memory exhaustion.
This issue is particularly severe in containerized deployments...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical update to its Known Exploited Vulnerabilities (KEV) catalog regarding a serious flaw in the Erlang/OTP SSH server, designated as CVE-2025-32433.
This vulnerability allows for remote code execution (RCE) due to a missing authentication...