XWiki News Articles
Recent news articles refferecing the vendors vulnerabilities.
RondoDox botnet malware now hacks servers using XWiki flaw
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893.
2 weeks ago
RondoDox botnet malware now hacks servers using XWiki flaw
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security Agency...
2 weeks ago
CyberSecurityNewsCVE-2025-24893Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet.
2 weeks ago
Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet.
2 weeks ago
Security AffairsCVE-2025-24893RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025
RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025.
3 weeks ago
Cyber PressCVE-2025-24893Hackers Hiring Servers for Botnet by Exploiting XWiki Vulnerability in the Wild
The vulnerability, tracked as CVE-2025-24893, has evolved from isolated attacks into widespread exploitation involving diverse
3 weeks ago
GBHackers NewsCVE-2025-24893Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks
Researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893.
3 weeks ago
The Hacker NewsCVE-2025-24893RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
RondoDox targets unpatched XWiki servers via CVE-2025-24893, driving record exploitation surges in November.
3 weeks ago
HackreadCVE-2025-24893Hackers Hijack Corporate XWiki Servers for Crypto Mining
A critical security flaw is being actively exploited by cybercriminals to compromise corporate XWiki servers for cryptomining. This is an urgent threat targeting unpatched installations of the open-source...
CybersecurityNewsCVE-2025-24893CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code
CISA has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893.
CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code
CISA has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893.
GBHackers NewsCVE-2025-24893XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware.
Cyber PressCVE-2025-24893Attackers Exploit XWiki RCE Vulnerability to Deploy Cryptocurrency Miners
VulnCheck Canaries have captured a sophisticated two-stage attack chain demonstrating the real-world exploitation of this vulnerability.
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
CISA and VulnCheck warn of active exploitation of DELMIA Apriso and XWiki flaws delivering crypto miners.
CVE-2024-31982:XWiki 通过 DatabaseSearch 以访客身份远程执行代码
影响 XWiki 的数据库搜索允许通过搜索文本执行远程代码。由于数据库搜索默认可供所有用户访问,因此任何公共 wiki 访问者或封闭 wiki 用户都可以执行远程代码。这会影响整个 XWiki...