Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.
“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.
Source link
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
Related Posts
North Korean APT Bypasses DMARC for Cyber Espionage
COMMENTARYWith heightened geopolitical tensions, a surge in cyberattacks on US and allied organizations by a North Korean cyber-espionage group is hardly unexpected. What is disquieting, however, is that an advanced…
Mistrial declared for ex-AT&T exec accused of bribing government official
A mistrial was declared today in the trial of former AT&T Illinois President Paul La Schiazza, who was accused of bribing a powerful state lawmaker’s ally in order to obtain…