A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A critical vulnerability in CrushFTP's file ...

A serious security vulnerability has been discovered in CrushFTP, a data transfer software. It allows attackers unauthorized access from the network. Updates to close the gap are available. However, ...

Update April 22, 16:31 EDT: This CrushFTP VFS sandbox escape vulnerability is now tracked as CVE-2024-4040. CrushFTP warned customers today in a private memo of an actively exploited zero-day ...

At least 10,000 CrushFTP instances are vulnerable to a critical flaw, which is currently being exploited by attackers, affecting the file transfer solution, according to cybersecurity experts. The ...

The US top cybersecurity agency has confirmed that the critical vulnerability in file transfer solution provider CrushFTP’s product is being exploited in the wild. The authentication bypass ...

Attacks on a vulnerability in the CrushFTP data transfer software have been known on the Internet since last week. The initial vulnerability description remained extremely superficial and only ...

GUEST OPINION: In April, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 (as well as ...