Cybercriminals Exploit GeoServer RCE (CVE-2024-36401) to Hijack Redis Servers via PolarEdge Campaigns

Tuesday, 26 August

Sunday, 24 August, 2025

Cybercriminals Exploit GeoServer RCE (CVE-2024-36401) to Hijack Redis Servers via PolarEdge Campaigns

Cybersecurity researchers report a wave of attacks exploiting the critical remote code execution flaw in OSGeo GeoServer GeoTools. Threat actors leveraged this vulnerability to infiltrate Redis servers, transforming them into IoT botnets, residential proxies, and crypto-mining infrastructure. These tactics profit stealthily—often via legitimate SDKs or modified applications—making detection harder. The campaigns, dubbed PolarEdge, mark cybercrime’s expansion beyond traditional botnets.

Read full story at The Hacker News

Tags:cybercriminals code execution crypto-mining

Categories

Cybercriminals Exploit GeoServer RCE (CVE-2024-36401) to Hijack Redis Servers via PolarEdge Campaigns

Also Read

Qatar Investment Authority Moves Karnataka HC to Enforce $235M Arbitral Award Against Byju Raveendran

ChatGPT “Googles” Queries Behind the Scenes—So Google Search Isn’t Dead After All

Uttar Pradesh Launches QR Code-Based Property Checks and Instant Registries, Streamlining Rent Agreements

Scientists Develop Perovskite Solar Cells That Let Indoor Devices Run Battery-Free

Amazon, Flipkart Push for Export Exemption from India’s E-Commerce FDI Rules

WinZO Pivoting to Micro-Dramas & Subscriptions, Expands Into U.S. After RMG Ban

Malicious Go Module Masquerading as SSH Brute-Force Tool Steals Login Credentials via Telegram

Power Utilities Turn to AI to Bolster Cybersecurity in Evolving Threat Landscape

Thoma Bravo to Acquire Verint Systems in $2 Billion All-Cash Deal, Combining It with Calabrio

Subscribe To Our Newsletter.