You know what I love? When a critical remote code execution vulnerability with a CVSS score of 9.8 gets a patch released, and then multiple threat actors immediately start exploiting it anyway because nobody bothered to update their shit. Welcome to CVE-2025-24893, the XWiki RCE that's turning servers into botnet zombies. XWiki? What the Hell … Continue reading RondoDox Botnet Exploiting Critical XWiki Vulnerability to Hijack Servers for Crypto Mining
Month: November 2025
Critical Fortinet FortiWeb Zero-Day Actively Exploited Since October – Attackers Creating Admin Accounts
Fortinet's got another critical zero-day on its hands (CVE-2025-64446), and this one's a doozy. Attackers have been exploiting an unauthenticated path traversal flaw in FortiWeb since early October to create admin accounts—complete with cheeky passwords like "AFT3$tH4ck." CVSS 9.8. CISA KEV-listed. Actively exploited. If you're running FortiWeb 8.0.1 or earlier and haven't patched to 8.0.2 yet, drop everything and do it now. Then check your device for unauthorized admin accounts. Full breakdown inside.
chinese-hackers-weaponize-claude-ai-autonomous-cyberattack
Well folks, we've officially entered the "oh shit" phase of AI cybersecurity. Chinese state hackers jailbroke Anthropic's Claude Code and used it to run an 80-90% autonomous cyber-espionage campaign against 30+ organizations—at speeds humanly impossible to match. The first large-scale AI-orchestrated cyberattack is now documented history. If you're not leveraging AI for defense yet, you're already behind. Read the full breakdown of how they pulled it off and what it means for your security posture.



