Security researchers report active exploitation of a critical authentication bypass vulnerability (CVE-2025-2825) in CrushFTP, affecting versions up to 11.3.0. Approximately 1,512 unpatched instances exist globally, primarily in North America. Exploits allow unauthenticated remote access, risking system compromise. Users are advised to upgrade to version 11.3.1 or 10.8.4+ and apply recommended mitigations immediately.
Bugcrowd’s new MSP program looks to transform pen testing for small businesses
Bugcrowd has introduced a service to assist Managed Service Providers (MSPs) in enhancing their penetration testing capabilities, with a specific emphasis on aiding small businesses.
