Patching
-
CISA orders immediate patching after active exploitation of critical GeoServer XXE flaw
CISA has ordered federal agencies to patch a critical unauthenticated XML External Entity flaw in GeoServer (CVE-2025-58360) that is being actively exploited; researchers warn the bug can disclose files and enable SSRF, and public scans show thousands of exposed instances.
-
Australia warns of ongoing BADCANDY attacks on unpatched Cisco IOS XE devices
The Australian Signals Directorate warned of ongoing attacks using a Lua-based web shell called BADCANDY that exploits CVE-2023-20198 in unpatched Cisco IOS XE devices, estimated to have affected about 400 devices in Australia since July 2025 and urging patching and hardening measures.
-
Google DeepMind unveils CodeMender to detect, patch and rewrite vulnerable code
DeepMind has unveiled CodeMender, an AI agent that detects, patches and rewrites vulnerable code using Gemini models and an LLM-based critique tool; Google says it has upstreamed 72 fixes and is expanding AI security measures including an AI Vulnerability Reward Program and updates to its Secure AI Framework.
-
DripDropper Linux malware patches exploited flaw to lock out rivals, Red Canary says
Red Canary researchers describe DripDropper, a Linux malware that exploits Apache ActiveMQ CVE-2023-46604 to gain access to cloud servers, then patches the vulnerability to keep rivals out and maintain control, using Sliver for persistence and Dropbox as a command channel.
-
Urgent Security Alert: Citrix Users Urged to Patch ‘Citrix Bleed 2’ Vulnerability
Citrix users are on alert as the ‘Citrix Bleed 2’ vulnerability, identified as CVE-2025-5777, is believed to be actively exploited. This flaw could allow attackers to hijack user sessions and bypass multi-factor authentication, prompting urgent patching recommendations from cybersecurity officials.
