Tag: server security
9 articles

Progress Disrupts ShareFile Servers Over External Security Threat
If you're a ShareFile customer, take immediate action: shut down your Storage Zone Controller servers now to protect against a critical external security threat. Progress Software has already disabled access to affected accounts, but manual shutdown is crucial for safeguarding your data.

Unpatched XQUIC Flaw Exposes HTTP/3 Servers to Remote Crashes
A single, tiny error - just 260 bytes of ordinary QPACK traffic - can take down an HTTP/3 server, thanks to a flaw in Alibaba's XQUIC library, dubbed XRING. This unpatched vulnerability can cause remote crashes without needing a login or malformed packets.

Exim Flaw Exposes Servers to Remote Code Execution
A critical flaw in Exim, tracked as CVE-2026-45185, leaves servers vulnerable to remote code execution if they're running specific builds, but thankfully, a remediation was published in Exim version 4.99.3. This vulnerability is triggered during TLS shutdown while handling certain SMTP traffic, allowing attackers to exploit it.

cPanel Vulnerability Exploited, Ransomware Attacks Reported
A critical cPanel vulnerability, CVE-2026-41940, has been exploited, putting servers at risk of full takeover and ransomware attacks - with a near-worst-case severity score of 9.8. This flaw affects cPanel, WebHost Manager, and WP Squared, and has already been flagged by the US government's cybersecurity agency as being exploited in the wild.

Cyberattacks Expose 1.8M RDP Servers Online
A shocking 1.8 million RDP servers are currently vulnerable to cyberattacks, leaving them open to exploitation by opportunistic hackers. Canadian authorities have also cracked down on SMS blaster phishing, arresting three men and seizing a device that sent fake texts to unsuspecting phones.

cPanel Discloses Authentication Flaw, Urges Immediate Server Updates
cPanel has uncovered a critical authentication flaw that could let hackers gain unauthorized access to your control panel, and is urging immediate server updates to protect against this threat. Check if your version is vulnerable and update to a patched build right away.

Apache ActiveMQ Vulnerability Exploited, Hits 6,400 Servers
More than 6,400 publicly accessible Apache ActiveMQ servers are under attack, thanks to a high-severity code injection vulnerability that's being actively exploited. Is your server among them?

Physical Security Lapses Expose Sensitive Servers
Your cybersecurity is only as strong as the physical locks on your servers - and a recent case where a server-room lock proved laughably easy to bypass is a stark reminder of this often-overlooked vulnerability. Leaving sensitive servers exposed is like leaving a car with cash in the console unlocked - it's an open invitation for trouble.

Microsoft Probes Installation Failures in Latest Windows Server 2025 Update
Microsoft is investigating a frustrating issue with its latest security update, KB5082063, which may refuse to install on some Windows Server 2025 systems, despite being designed to protect them. The company is working to resolve the installation failures and ensure a smooth update experience.