A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A critical vulnerability in CrushFTP's file ...

Update April 22, 16:31 EDT: This CrushFTP VFS sandbox escape vulnerability is now tracked as CVE-2024-4040. CrushFTP warned customers today in a private memo of an actively exploited zero-day ...

A critical flaw was discovered in file transfer tool CrushFTP Experts claim the issue was being abused in the wild CISA added the flaw to its KEV catalog A critical-severity vulnerability plaguing ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Some weeks start better than others. If you are a member of an ...

At least 10,000 CrushFTP instances are vulnerable to a critical flaw, which is currently being exploited by attackers, affecting the file transfer solution, according to cybersecurity experts. The ...

A serious security vulnerability has been discovered in CrushFTP, a data transfer software. It allows attackers unauthorized access from the network. Updates to close the gap are available. However, ...

GUEST OPINION: In April, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 (as well as ...

Attacks on a vulnerability in the CrushFTP data transfer software have been known on the Internet since last week. The initial vulnerability description remained extremely superficial and only ...