Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week

Image Credit - securityaffairs.co
Last week a group of hackers that goes online with the name Ghost Squad Hackers announced the defacement of a site of the European Space Agency (ESA), https://business.esa.int/.

Now the group contacted securityaffairs again to report a second hack of a website of the European Space Agency. This time the hackers compromised the website of https://space4rail.esa.int/index.html, it is the second defacement in a few days suffered by the ESA.

Ghost Squad Hackers told securityaffairs that they have found for the second time in a few days a Server-side request forgery (SSRF) remote code execution vulnerability in the server of the agency. This time they have exploited the issue to gain access to the https://space4rail.esa.int domain and deface it.

No comments:

Critical Bug in ‘mcp-remote’ Allows Remote Code Execution

                    Critical mcp-remote Vulnerability (CVE-2025-6514) Enables Remote Code Execution on Client Systems Cybersecurity resear...