Threat actors have exploited a zero-day vulnerability in Craft CMS to execute PHP code on hundreds of websites.
The post Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Craft CMS Vulnerability
CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of Attacks Exploiting Craft CMS Vulnerability appeared first on SecurityWeek.