Infosecurity-magazine.com

CMS Provider Sitecore Patches Exploited Critical Zero Day

Security analysts at the Mandiant Threat Defense team have disrupted an attack exploiting a zero-day vulnerability in Sitecore, a popular content management system (CMS) used by companies such as HSBC ...
CSOonline

Sitecore zero-day configuration flaw under active exploitation

Attackers are leveraging a sample machine key in Sitecore products for initial access before ViewState code injections lead to escalated privileges and lateral movement across the network. A sample ...
Bleeping Computer

Hackers exploited Sitecore zero-day flaw to deploy backdoors

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState ...
Hosted on MSN

Top CMS Sitecore patches critical zero-day flaw being hit by hackers

Sitecore patched a critical zero-day deserialization flaw affecting legacy deployments Threat actors exploited the vulnerability to deploy malware like WeepSteel Mandiant intervened mid-attack, ...
Dark Reading

Sitecore Zero-Day Sparks New Round of ViewState Threats

A critical Sitecore zero-day vulnerability is under active exploitation in the latest series of ViewState deserialization attacks this year. The vulnerability, tracked as CVE-2025-53690 and disclosed ...