The Hacker News

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities - CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP

Apr 28, 2025 - 08:25
 0
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities - CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP
Read More

Tags:

Previous Article

Huawei Nova Y73 is coming soon with an underpowered chipset

Next Article

PC modder turns Intel heat-spreader into the coolest water block ever

Related Posts

Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito

Google Drops Cookie Prompt in Chrome, Adds IP Protectio...

Apr 23, 2025  0

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

Experts Uncover New XorDDoS Controller, Infrastructure ...

Apr 26, 2025  0

Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices

Android Spyware Disguised as Alpine Quest App Targets R...

Apr 23, 2025  0