Equinix to build £3.9bn Hertfordshire data centre
Equinix plans to invest £3.9 billion in the project, which will deliver 250+MW of compute
The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to malicious destinations that are indistinguishable from the real ones.
The vulnerabilities, tracked as CVE-2025-40778 and CVE-2025-40780, stem from a logic error and a weakness in generating pseudo-random numbers, respectively. They each carry a severity rating of 8.6. Separately, makers of the Domain Name System resolver software Unbound warned of similar vulnerabilities that were reported by the same researchers. The unbound vulnerability severity score is 5.6
The vulnerabilities can be exploited to cause DNS resolvers located inside thousands of organizations to replace valid results for domain lookups with corrupted ones. The corrupted results would replace the IP addresses controlled by the domain name operator (for instance, 3.15.119.63 for arstechnica.com) with malicious ones controlled by the attacker. Patches for all three vulnerabilities became available on Wednesday.
Source Link: https://educronix.com/cache-poisoning-vulnerabilities-found-in-2-dns-resolving-apps/ Author: Dan Goodin - Published on: 2025-10-22 22:35:41This post was originally published on this siteEquinix plans to invest £3.9 billion in the project, which will deliver 250+MW of compute
Key takeaways What Is Imagine Lens—and Why It Matters Snapchat’s Imagine Lens lets us create…
Packages downloaded from NPM can fetch dependancies from untrusted sites.
Exclusive Edge, Atlas, Brave among those affected
A critical, currently unpatched bug
The announcement brings Amazon’s total pledged investment in South Korea to $9 billion over the
