CrushFTP zero-day exploited in attacks to gain admin access on servers
From BleepingComputer to All on Fri Jul 18 18:47:13 2025
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. [...]