Huntress documents in-the-wild exploitation of critical Gladinet vulnerabilities

Security researchers at Huntress are documenting active exploitation of a critical vulnerability in Gladinet CentreStack and Triofox software, where default cryptographic configurations have enabled attacks against seven organizations and triggered anomalous activity on roughly 120 endpoints.

The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April and carries a CVSS severity score of 9/10.

Read more at Security Week