Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

3 months ago [email protected] (The Hacker News)
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks


Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.

The post “Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , ,

More Stories

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

3 hours ago [email protected] (The Hacker News)

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

4 hours ago [email protected] (The Hacker News)

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

20 hours ago [email protected] (The Hacker News)

Offensive AI: The Sine Qua Non of Cybersecurity

22 hours ago [email protected] (The Hacker News)

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

1 day ago [email protected] (The Hacker News)

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

1 day ago [email protected] (The Hacker News)