CrushFTP

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

April 1, 2025

Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the …

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

March 27, 2025

CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access …

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

April 23, 2024

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The …

Resources

Download: Edgescan 2025 Vulnerability Statistics Report
Enzoic AD Lite Password Audit Report
Report: Fortune 500 employee-linked account exposure

Don't miss

NTLM relay attacks are back from the dead
Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
Google open-sources privacy tech for age verification
You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)