When Wiki Woes: RondoDox Botnet Turns Your Knowledge Base into Chaos!

The RondoDox botnet malware is now exploiting CVE-2025-24893, a critical RCE flaw in XWiki Platform. Initially documented in July 2025, RondoDox has been growing exponentially, now targeting 30 devices via 56 vulnerabilities. The botnet’s latest trick? Injecting Groovy code and downloading malicious payloads—because who doesn’t love a bit of unsolicited code injection?

Hot Take:

Looks like the infamous RondoDox botnet is back at it again, playing the role of a digital Houdini with its new bag of tricks! Exploiting the XWiki platform’s vulnerability, RondoDox is proving that when it comes to cybersecurity, what happens on your server, stays on your server… until it doesn’t. So, patch up or risk becoming a part of its growing fan club of compromised devices!

Key Points:

  • RondoDox botnet is exploiting CVE-2025-24893, a critical RCE flaw in XWiki Platform.
  • The RCE flaw was recently flagged by CISA as actively exploited.
  • RondoDox uses an HTTP GET request to inject malicious code into the XWiki SolrSearch endpoint.
  • The vulnerability affects XWiki versions before 15.10.11 and 16.4.1; patching is advised.
  • Cryptocurrency miner deployments and additional attacks observed in early November.
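
As an added example (not from the original article or from any vendor tooling), the check below scans web access logs for the pattern the key points describe: a GET request to the SolrSearch endpoint whose decoded query string contains a Groovy macro. The combined log format, the URL layout, the `text` parameter and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Request field of a combined-format access log line: "GET /path?query HTTP/1.1"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Opening tag of XWiki's Groovy script macro, e.g. {{groovy}} or {{ groovy }}
GROOVY_MACRO_RE = re.compile(r"\{\{\s*groovy\b", re.IGNORECASE)

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (client_ip, decoded_query) for GETs to SolrSearch carrying a Groovy macro."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match or match.group("method") != "GET":
            continue
        parts = urlsplit(match.group("target"))
        if "solrsearch" not in parts.path.lower():
            continue
        query = fully_decode(parts.query)
        if GROOVY_MACRO_RE.search(query):
            hits.append((line.split()[0], query))
    return hits

# Constructed sample lines: documentation IP ranges, assumed URL layout, harmless macro body.
SAMPLE_LOG = [
    '198.51.100.7 - - [05/Nov/2025:10:00:01 +0000] "GET /xwiki/bin/view/Main/SolrSearch?text=release+notes HTTP/1.1" 200 5120',
    '203.0.113.9 - - [05/Nov/2025:10:00:02 +0000] "GET /xwiki/bin/get/Main/SolrSearch?text=%7B%7Bgroovy%7D%7Dprintln(1)%7B%7B%2Fgroovy%7D%7D HTTP/1.1" 200 812',
    '203.0.113.9 - - [05/Nov/2025:10:00:03 +0000] "GET /xwiki/bin/get/Main/SolrSearch?text=%257B%257Bgroovy%257D%257D HTTP/1.1" 200 640',
    '192.0.2.4 - - [05/Nov/2025:10:00:04 +0000] "GET /xwiki/bin/view/Main/WebHome HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for ip, query in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {ip} -> {query}")
```

A hit means the request was attempted, not that it succeeded; confirm the running XWiki version against the fixed releases listed above before triaging further.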

The Nimble Nerd