DDoS mitigation
-
Hezi Rash hacktivist group tied to hundreds of DDoS attacks, Check Point reports
Hezi Rash, a Kurdish nationalist hacktivist group founded in 2023, has been linked by Check Point to about 350 DDoS attacks between August and October 2025 targeting sites in Japan, Turkey, Israel, Iran, Iraq and Germany; analysts say the campaigns are ideologically driven and focus on disruption.
-
Unauthenticated flaw in Gladinet CentreStack and Triofox (CVE-2025-11371) exploited in the wild
Security researchers say CVE-2025-11371, an unauthenticated local file inclusion in Gladinet CentreStack and Triofox, is being exploited in the wild; Huntress recommends removing a handler from the UploadDownloadProxy Web.config as a temporary mitigation while Gladinet prepares a patch.
-
High-severity flaw in Red Hat OpenShift AI could allow full cluster takeover, vendor warns
Red Hat warned that a CVE-2025-10725 flaw in OpenShift AI, scored 9.9 by CVSS, could let a low-privileged authenticated user escalate to cluster administrator, enabling data theft, service disruption and full platform takeover; Red Hat and a Bugzilla report provided mitigation steps and urged urgent patching and investigation.
-
Cloudflare says it blocked largest recorded DDoS attack at 11.5 Tbps
Cloudflare says it blocked the largest recorded volumetric DDoS attack, peaking at 11.5 Tbps and lasting about 35 seconds, with most traffic traced to Google Cloud as the company notes a broader rise in high-volume DDoS campaigns.
