CrushFTP

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities

CrushFTP, CVE-2025-30406, Gladinet, Malware & Threats, Supply Chain Security, Triofox /

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities 2025-04-14 at 20:31 By Ryan Naraine The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April. The post Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities Read More »

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

CrushFTP, CVE-2025-31161, exploited, Malware & Threats /

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks 2025-04-08 at 12:06 By Eduard Kovacs Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks Read More »

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability 

CrushFTP, CVE, exploited, Featured, Vulnerabilities /

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  2025-04-03 at 13:31 By Eduard Kovacs Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  Read More »

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

CrushFTP, CVE, Don't miss, Hot stuff, News, PoC, Rapid7, Shadowserver, VulnCheck /

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) 2025-04-01 at 18:49 By Zeljka Zorz Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through

React to this headline:

Loading spinner

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) Read More »

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

CrushFTP, exploited, Vulnerabilities, vulnerability /

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability 2025-04-01 at 14:21 By Eduard Kovacs Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability /

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

React to this headline:

Loading spinner

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day

CrushFTP, CVE-2024-4040, Malware & Threats, Vulnerabilities, Zero-Day /

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day 2024-04-26 at 17:16 By Ionut Arghire More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published. The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day Read More »

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

Censys, CrowdStrike, CrushFTP, CVE, Don't miss, enterprise, exploit, FTP, Hot stuff, News /

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) 2024-04-23 at 13:01 By Zeljka Zorz A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only if

React to this headline:

Loading spinner

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) Read More »

CrushFTP Patches Exploited Zero-Day Vulnerability

CrushFTP, exploited, Vulnerabilities /

CrushFTP Patches Exploited Zero-Day Vulnerability 2024-04-22 at 16:32 By Ionut Arghire CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

CrushFTP Patches Exploited Zero-Day Vulnerability Read More »

Scroll to Top