Tuesday, 31 March, 2026
Cybercriminals Exploit GeoServer RCE (CVE-2024-36401) to Hijack Redis Servers via PolarEdge Campaigns
By Isha
Cybersecurity researchers report a wave of attacks exploiting the critical remote code execution flaw in OSGeo GeoServer GeoTools. Threat actors leveraged this vulnerability to infiltrate Redis servers, transforming them into IoT botnets, residential proxies, and crypto-mining infrastructure. These tactics profit stealthily—often via legitimate SDKs or modified applications—making detection harder. The campaigns, dubbed PolarEdge, mark cybercrime’s expansion beyond traditional botnets.
Read full story at The Hacker News