Skip to content

Aggregating Cyber Insights

Articles
Breaches
Learning
News
Podcast
Research
Toolkit
Vulnerabilities
Webinars
About Us

Home
Vulnerabilities
From Cybersecurity Help – Threat actors exploiting recent CrushFTP auth bypass flaw for persistent access

From Cybersecurity Help – Threat actors exploiting recent CrushFTP auth bypass flaw for persistent access

Posted inVulnerabilities

From Cybersecurity Help – Threat actors exploiting recent CrushFTP auth bypass flaw for persistent access

Posted by

Samir K April 8, 2025

The vulnerability, now tracked as CVE-2025-31161, allows attackers to bypass authentication and gain unauthorized access to targeted systems.

Tags:

AnyDesk remote access attack authentication bypass flaw CISA KEV Catalog update CrushFTP attack campaign CrushFTP cyber threat CrushFTP vulnerability CrushFTP zero-day exploit CVE-2025-2825 rejected CVE-2025-31161 cyber awareness cyber defense cyber protection cyber threats cybersecurity digital privacy enterprise file transfer attack exploits Huntress CrushFTP report infosec known exploited vulnerabilities CISA MeshAgent malicious DLL MeshAgent malware telemetry MITRE CVE-2025-31161 MSP targeting cyberattack network security note online security Outpost24 CrushFTP research post-exploitation activity CrushFTP remote access tool abuse SAM hive credential dumping security security perspective Shadowserver CrushFTP exposure Telegram bot cyberattack threat threat actors persistent access threat intelligence threat note threatnote VulnCheck CVE misassignment vulnerabilities zero days

Last updated on July 3, 2025

Search

Latest Posts

From The Hacker News – cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch NowMay 9, 2026
From The Hacker News – cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch NowMay 9, 2026
From Cyber Security News – TCLBANKER Malware Targets Users Through Self-Propagating WhatsApp and Outlook Worm ModulesMay 9, 2026
From Cyber Security News – NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce UsersMay 9, 2026
From Cyber Security News – Let’s Encrypt Halts Certificate Issuance After Cross-Signed Root Certificate IncidentMay 9, 2026

Total Visitors

Archives

Copyright 2026 — Threat Note. All rights reserved. Bloghash WordPress Theme