Security News > 2025 > April > Critical auth bypass bug in CrushFTP now exploited in attacks
2025-04-01 12:46
Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. [...]
News URL
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Juniper patches critical auth bypass in Session Smart routers (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Defending against EDR bypass attacks (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical GitHub Attack (source)