Minecraft Mod Vulnerabilities: Hackers Target Servers and Players
Hackers are actively exploiting the BleedingPipe remote code execution vulnerability in Minecraft mods to take control of servers and players' devices. The vulnerability, caused by incorrect use of deserialization, allows attackers to send crafted network packets to vulnerable servers, enabling them to install malware on connected devices. The flaw impacts numerous Minecraft mods, and a threat actor is actively scanning for vulnerable servers. To protect against BleedingPipe, users should update impacted mods or migrate to fixed forks, use the PipeBlocker mod, and scan for suspicious files.