Patching
-
DripDropper Linux malware patches exploited flaw to lock out rivals, Red Canary says
Red Canary researchers describe DripDropper, a Linux malware that exploits Apache ActiveMQ CVE-2023-46604 to gain access to cloud servers, then patches the vulnerability to keep rivals out and maintain control, using Sliver for persistence and Dropbox as a command channel.
-
Urgent Security Alert: Citrix Users Urged to Patch ‘Citrix Bleed 2’ Vulnerability
Citrix users are on alert as the ‘Citrix Bleed 2’ vulnerability, identified as CVE-2025-5777, is believed to be actively exploited. This flaw could allow attackers to hijack user sessions and bypass multi-factor authentication, prompting urgent patching recommendations from cybersecurity officials.
