#dos

In an operation called Eastwood, authorities arrested two people and shut down more than 100 servers linked to the Russian group NoName057(16).

An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group's central server infrastructure and more than 100 systems across the world.

### Summary A Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint `Filebrowser-Server-IP:PORT/files/{file-name}` . While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations without size checks or resource limits. This allows an authenticated user to upload a large file and trigger uncontrolled memory consumption on read, potentially crashing the server and making it unresponsive. ### Details The endpoint ` /api/resources/{file-name}` accepts `PUT` requests with plain text file content. Uploading an extremely large file (e.g., ~1.5 GB) succeeds without issue. However, when the server attempts to open and read this file, it performs the read operation in an unbounded or inefficient way, leading to excessive memory usage. This approach attempts to read the entire file into memory at once. For large files, this causes memory exhaustion resulting in a cras...

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed," Omer Yoachimik and Jorge Pacheco said. "Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average of 71

Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory exception. In addition, it is possible to configure CXF to encrypt temporary files to prevent sensitive credentials from being cached unencrypted on the local filesystem, however this bug means that the cached files are written out to logs unencrypted. Users are recommended to upgrade to versions 3.5.11, 3.6.6, 4.0.7 or 4.1.1, which fixes this issue.

A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby. ## Details The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. ## Affected Version The vulnerability affects the resolv gem bundled with the following Ruby series: * Ruby 3.2 series: resolv version 0.2.2 and earlier * Ruby 3.3 series: resolv version 0.3.0 * Ruby 3.4 series: resolv version 0.6.1 and earlier ## Credits Thanks to Manu for discovering this issue. ## History Originally published at 2025-07-08 07:00:00 (UTC)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: RMC-100 Vulnerabilities: Use of Hard-coded Cryptographic Key, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain unauthenticated access to the MQTT configuration data, cause a denial-of-service condition on the MQTT configuration web server (REST interface), or decrypt encrypted MQTT broker credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports the following versions of RMC-100 with the REST interface are affected. The vulnerabilities are only present when the REST interface is enabled. This interface is disabled by default: RMC-100: 2105457-043 through 2105457-045 RMC-100 LITE: 2106229-015 through 2106229-016 3.2 VULNERABILITY OVERVIEW 3.2.1 USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321 When the REST interface is enabled by the user, and an attacker gains access to the source code...

py-libp2p before 0.2.3 allows a peer to cause a denial of service (resource consumption) via a large RSA key.

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2json()` method. This vulnerability affects versions 4.51.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern `<s_(.*?)>` which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model.

Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson.