Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after ...

RCE Security, which found and reported the issue, said in its report on June 30 that once Lua code is injected into a session ...

Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges.

Security researchers have confirmed attackers are actively exploiting a critical vulnerability in Wing FTP Server, a widely used solution for managing file transfers. Researchers at Huntress say the ...

Security vendor Huntress said it saw the vulnerability exploited just a day after details of the flaw were published.

Critical vulnerability (CVE-2025-47812) in Wing FTP Server exposed to active exploitation via Lua injection. Immediate patching needed.

CrushFTP, which providers customers with secure file server software, has been hit with a 0-day vulnerability that leaves ...

Security researchers are warning that hackers are launching attacks on computers that run Wing FTP Server using a critical ...

CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on ...

Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS ...

CrushFTP flaw CVE-2025-54309 exploited in wild, giving attackers admin access. Older builds before July 1 are at high risk ...

This is the second time in 2025 that a CrushFTP vulnerability has been observed being exploited in the wild, following the ...