Sign Up
Already have an account?Log In
By clicking "Sign Up" you agree to our terms of service and privacy policy
- Username should be more than 3 characters.
- Username cannot start with numeric character.
- Username characters must be from {a-z,0-9}, special characters are not allowed.
- Make sure the Email is working to receive verification code & password reset link.
- Password should be more than 6 characters.
Forgot Password
Hackers Exploit Key Craft CMS Vulnerabilities, Prompting Urgent Security Actions
Hackers have been actively exploiting critical vulnerabilities in Craft CMS, highlighting the urgency for security updates. Two significant flaws, one allowing improper access to restricted resources and another enabling remote code execution (RCE), have been identified. The RCE vulnerability, in particular, leverages an image transformation feature that can be manipulated through unauthenticated POST requests. These attacks, first observed in February 2025, underscore the need for immediate patches and updates, such as those implemented in recent Craft CMS versions. Organizations using Craft CMS are advised to update their systems promptly and implement additional security measures to protect against these exploits, which could lead to server breaches and unauthorized access. The ongoing exploitation emphasizes the importance of staying vigilant and proactive in maintaining cybersecurity.
Share
Copied