Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

July 10, 2025

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning on the ongoing exploitation of a remote code execution (RCE) vulnerability in GeoServer, tracked as CVE-2024-36401. According …

Published Date:
Jul 10, 2025 (4 hours, 21 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2024-36401

Source: Read More

Previous ArticleCritical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert

Next Article CISA Warns of Critical Flaws in Emerson ValveLink Software: Exploits Could Lead to Code Execution and Data Exposure

Highlights

CVE-2025-53375 – Dokploy File Access Vulnerability

July 7, 2025

CVE ID : CVE-2025-53375

Published : July 7, 2025, 4:15 p.m. | 1 hour, 8 minutes ago

Description : Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access (e.g., /etc/passwd, application source, environment variable files containing credentials and secrets). This may lead to full compromise of other services or lateral movement. This vulnerability is fixed in 0.23.7.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

HP’s discount on one of the most powerful gaming laptops on the planet is absolutely UNBEATABLE — but you only have a few hours to get one!

The details of TC39’s last meeting

The details of TC39’s last meeting

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Intelligent Automation in the Healthcare Sector with n8n, OpenAI, and Pinecone

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

This app fixes the Windows 11 Start menu, and it now works with Snapdragon PCs

CVE-2025-42598 – Seiko Epson Printer DLL Hijacking Vulnerability

CVE-2025-52556 – “rfc3161-client TSA Signature Validation Bypass”

Want to upgrade your home’s tech? First, assess your energy maturity – here’s how

CVE-2025-53375 – Dokploy File Access Vulnerability

CVE-2025-33112 – IBM AIX VIOS Perl Path Traversal Vulnerability

CVE-2025-4491 – Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE-2025-5982 – GitLab EE IP Access Restriction Bypass Vulnerability

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

Related Posts