Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
zirk.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
Literature, philosophy, film, music, culture, politics, history, architecture: join the circus of the arts and humanities! For readers, writers, academics or anyone wanting to follow the conversation.

Administered by:

Server stats:

732
active users

zirk.us: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#Attack

22 posts15 participants5 posts today
Public
BeyondMachines :verified:

Active! Mail remote code execution flaw actively exploited

Japanese web-based email client Active! Mail contains a critical stack-based buffer overflow vulnerability (CVE-2025-42599, CVSS 9.8) that allows unauthenticated attackers to execute arbitrary code remotely. The flaw is currently being actively exploited against Japanese organizations impacting approximately 11 million accounts, prompting Qualitia to release version 6.60.06008562 as an urgent security patch.

**If you are running Active! Mail webmail based service, disable it immediately and start patching. Because hackers are actively attacking it. You can try to mitigate the issue by blocking multipart/form-data headers, but that's not really a fix. Better to disable it fully, patch, then reactivate the service.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

BeyondMachinesActive! Mail remote code execution flaw actively exploitedJapanese web-based email client Active! Mail contains a critical stack-based buffer overflow vulnerability (CVE-2025-42599, CVSS 9.8) that allows unauthenticated attackers to execute arbitrary code remotely. The flaw is currently being actively exploited against Japanese organizations impacting approximately 11 million accounts, prompting Qualitia to release version 6.60.06008562 as an urgent security patch.
Public
BeyondMachines :verified:

CISA reports active exploitation of SonicWall SMA 100 Series vulnerability
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

BeyondMachinesCISA reports active exploitation of SonicWall SMA 100 Series vulnerabilityGlobal cybersecurity authorities have confirmed active exploitation of CVE-2021-20035, a command injection vulnerability in SonicWall SMA 100 Series devices that allows authenticated attackers to execute code despite having limited "nobody" user privileges. CISA has mandated federal agencies patch affected SMA 200, 210, 400, 410, and 500v devices by May 7, 2025, as threat actors are actively targeting organizations that failed to apply the fixes released in 2021.
Public
Turris project

Thanks to our #TurrisSentinel #security #research program, #CZNIC #CSIRT team discovered large scale #FTP #attack. Coming from 45.78.4.0/22, it is #bruteforcing #slowly - it takes it 19 day to get through it's #passwords. Big thanks to everybody who helps us by running our #minipots on their devices! Report in #Czech is available on CSIRT website csirt.cz/cs/kyberbezpecnost/ak

csirt.czDistribuovaný FTP bruteforcer - Aktuálně z bezpečnosti - CSIRTAktuálně z bezpečnosti
Public
CBC Top Stories

'We could barely walk,' sisters say after being ordered to evacuate northern Gaza's last major hospital
The United Nations chief is "deeply alarmed" at an Israeli forces strike on the Al-Ahli Arab Hospital in Gaza, as groups warn of dire shortages of medicine and hospital supplies in the enclave.
#war #hospital #medicine #attack #Gaza #News
cbc.ca/news/world/gaza-al-ahli

Public
CBC World

'We could barely walk,' sisters say after being ordered to evacuate northern Gaza's last major hospital
The United Nations chief is "deeply alarmed" at an Israeli forces strike on the Al-Ahli Arab Hospital in Gaza, as groups warn of dire shortages of medicine and hospital supplies in the enclave.
#war #hospital #medicine #attack #Gaza #News
cbc.ca/news/world/gaza-al-ahli

ExploreLive feeds
About