Bleeping Computer

CISA orders feds to patch actively exploited Geoserver flaw

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...
TechRadar

US federal agency breached by hackers using GeoServer exploit, CISA says

Attackers exploited a critical GeoServer flaw to breach a US federal agency in July 2024 China Chopper web shell enabled remote access and lateral movement across compromised systems CISA urges timely ...
Dark Reading

CISA: Attackers Breach Federal Agency via Critical GeoServer Flaw

The Cybersecurity and Infrastructure Security Agency (CISA) this week disclosed that threat actors breached a federal agency last year by exploiting a critical vulnerability in the open source ...