Attacks on a vulnerability in the CrushFTP data transfer software have been known on the Internet since last week. The initial vulnerability description remained extremely superficial and only ...

A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A critical vulnerability in CrushFTP's file ...

At least 10,000 CrushFTP instances are vulnerable to a critical flaw, which is currently being exploited by attackers, affecting the file transfer solution, according to cybersecurity experts. The ...

The US top cybersecurity agency has confirmed that the critical vulnerability in file transfer solution provider CrushFTP’s product is being exploited in the wild. The authentication bypass ...

GUEST OPINION: In April, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 (as well as ...

Virtual file transfer system provider CrushFTP and various security researchers are sounding the alarm about a sandbox escape flaw in the CrushFTP server that attackers already have exploited as a ...

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

CrushFTP, a service that provides users with secure file server software, has recently been targeted by hackers. Unfortunately, it seems as if some customers have been compromised, with thousands of ...

Last week, a security vulnerability in the data transfer software CrushFTP classified as a critical risk became known. IT security researchers are now observing attack attempts on vulnerable instances ...

Update April 22, 16:31 EDT: This CrushFTP VFS sandbox escape vulnerability is now tracked as CVE-2024-4040. CrushFTP warned customers today in a private memo of an actively exploited zero-day ...