Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Updated on April 28, 2025

Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access.
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities –

CVE-2024-58136 (CVSS score: 9.0) – An improper protection of alternate path flaw in the Yii PHP…

Read the rest of the story at Read More

Source: The Hacker News

October 24, 2024 Uncategorized

Cisco Issues Urgent Fix for ASA and FTD ...

October 9, 2024 Uncategorized

Microsoft Detects Growing Use of File Ho...

November 29, 2023 Uncategorized

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Related posts

Cisco Issues Urgent Fix for ASA and FTD ...

Microsoft Detects Growing Use of File Ho...

Iranian Hackers Exploit PLCs in Attack o...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines