The Hacker News

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code ...
SecurityWeekOpinion

CISA Analyzes Malware From Ivanti EPMM Intrusions

CISA has shared technical information on malware deployed in attacks targeting two vulnerabilities in Ivanti Endpoint Manager ...

CISA exposes malware kits deployed in Ivanti EPMM attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks ...
GitHub

[Bug] The AnnotatedBeanDefinitionRegistryUtils.isPresentBean method breaks Dubbo's class isolation mechanism.

My scenario is that I want to build a plugin mechanism, which I’ll refer to as the base and plugins. Both the base and plugins are Spring fat JARs, and both contain Dubbo interfaces (including both ...
The Hacker News

FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available

The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to ...
GitHub

Spring Boot 3.5 Release Notes

The spring-boot-parent module is no longer published. It provides dependency management for internal dependencies used, for example, in Spring Boot’s own tests. If you were using spring-boot-parent, ...