Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers


Targeting Redis servers, a previously unknown Go-based malware aims to take control of the compromised systems and probably create a botnet network. The vulnerability, identified as CVE-2022-0543 (CVSS score: 10.0), relates to a sandbox escape instance in the Lua scripting engine that may be exploited to achieve remote code execution.

According to cloud security company Aqua, the assaults make use of a serious security flaw in the open source, in-memory, key-value store that was exposed earlier this year to deploy Redigo.

Read More…