Topic: active exploitation flaw

Sort by: Relevance | Date
  • 1,000+ CrushFTP servers vulnerable to active hijacking attacks
    July 22, 2025
    90%

    1,000+ CrushFTP servers vulnerable to active hijacking attacks

    Over 1,000 CrushFTP servers remain vulnerable to a critical flaw (CVE-2025-54309), allowing attackers to hijack admin access and steal sensitive data due to improper AS2 validation in outdated versions. CrushFTP confirmed active exploitation in mid-July, urging users to patch to versions 10.8.5 o...

    Read More »

Related Topics

crushftp vulnerability cve-2025-54309 (2) data theft risk (2) unpatched crushftp instances (1) importance patching updates (1) previous crushftp zero-day cve-2024-4040 (1) cyberespionage campaigns (1) managed file transfer mft solutions as targets (1) ransomware groups exploiting vulnerabilities (1)