Bleeping Computer

Hackers exploiting zero-day in Gladinet file sharing software

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. At ...
Computerworld

Using darkjumper to test for remote file inclusion

Using the inclusion switch will test for both local file inclusion (LFI) and RFI, again on every website identified on the target. This is our main focus for the evaluation since we’ve seen an ...
Bleeping Computer

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by ...
CSOonline

Gladinet file sharing zero-day brings patched flaw back from the dead

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...
Infosecurity-magazine.com

High-Severity Vulnerability Discovered in Popular CMS

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...