Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's nuclear program by destroying uranium enrichment ...
In October 2025, CyberPress reported a critical security vulnerability in the Redis Server, an open-source in-memory database that allowed authenticated attackers to achieve remote code execution ...
Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Erik Steiger discusses the operational pain ...
Recently, NSFOCUS CERT detected that Redis issued a security bulletin and fixed the Redis Lua code execution vulnerability (CVE-2025-49844); Because Redis’s Lua script engine has a use-after-free ...
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as ...
The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary code on the underlying server. The popular Redis in-memory data store ...
A critical security flaw in Redis, a popular in-memory database platform used by about 75% of cloud environments, has left an estimated 60,000 servers vulnerable to remote exploitation. The flaw, ...
A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can let an authenticated user trigger remote code execution. For anyone using Redis Cloud, the service has ...