Bleeping Computer

Hackers exploited Sitecore zero-day flaw to deploy backdoors

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState ...
Infosecurity-magazine.com

CMS Provider Sitecore Patches Exploited Critical Zero Day

Security analysts at the Mandiant Threat Defense team have disrupted an attack exploiting a zero-day vulnerability in Sitecore, a popular content management system (CMS) used by companies such as HSBC ...