Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: crushftp Clear Filter

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

bleepingcomputer.com Unknown 2026-01-07 11:34:21

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that attacks may have begun earlier, although it has yet to find evidence to confirm this. "July 18th,

Topics: 2025 attacks crushftp cve data
Read More
Shop Amazon

New CrushFTP zero-day exploited in attacks to hijack servers

bleepingcomputer.com Unknown 2026-01-06 22:24:29

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. CrushFTP is an enterprise file transfer server used by organizations to securely share and manage files over FTP, SFTP, HTTP/S, and other protocols. According to CrushFTP, threat actors were first detected exploiting the vulnerability on July 18th at 9AM CST, though it may have begun

Topics: crushftp default http prior vulnerability
Read More
Shop Amazon

CrushFTP zero-day exploited in attacks to gain admin access on servers

bleepingcomputer.com Unknown 2026-01-07 10:24:29

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. CrushFTP is an enterprise file transfer server used by organizations to securely share and manage files over FTP, SFTP, HTTP/S, and other protocols. According to CrushFTP, threat actors were first detected exploiting the vulnerability on July 18th at 9AM CST, though it may have begun

Topics: crushftp default http prior vulnerability
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3633 apple 3003 new 2392 google 2022 content 1726
Popular
like 1492 company 1421 pro 1314 iphone 1150 app 1123 zdnet 1106 said 1060 data 1047 does 904 reviews 890
Emerging
editorial 869 amazon 857 game 808 samsung 775 phone 761 pixel 756 android 741 just 717 users 683 available 682
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]