Security News > 2025 > April > Critical auth bypass bug in CrushFTP now exploited in attacks

2025-04-01 12:46
Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. [...]
News URL
Related news
- 41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- SAP fixes critical Netweaver flaw exploited in attacks (source)
- New "Bring Your Own Installer" EDR bypass used in ransomware attack (source)
- Ivanti warns of critical Neurons for ITSM auth bypass flaw (source)
- Fortinet fixes critical zero-day exploited in FortiVoice attacks (source)