News

Top CMS Sitecore patches critical zero-day flaw being hit by hackers

The zero-day is described as a critical deserialization vulnerability affecting Sitecore Experience Manager (XM), Sitecore ...
SecurityWeek1d

Hackers Exploit Sitecore Zero-Day for Malware Delivery

An ASP.NET feature, ViewState stores the state of a webpage in a hidden HTML field, for persistence. Attackers can target the ...
HealthcareInfoSecurity1d

Attackers Exploit Sitecore Zero Day

Attackers exploited a now-patched zero-day vulnerability in a popular content management system that powers websites for ...

Hackers exploited Sitecore zero-day flaw to deploy backdoors

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance ...
CSO Online22h

Sitecore zero-day configuration flaw under active exploitation

Attackers are leveraging a sample machine key in Sitecore products for initial access before ViewState code injections lead ...
The Hacker News3h

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

"The upshot of CVE-2025-53690 is that an enterprising threat actor somewhere has apparently been using a static ASP.NET ...
The Register on MSN21h

Attackers snooping around Sitecore, dropping malware via public sample keys

You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration ...
Infosecurity Magazine1d

CMS Provider Sitecore Patches Exploited Critical Zero Day

Google Cloud’s Mandiant successfully disrupted an active ViewState deserialization attack affecting Sitecore deployments ...
InfoWorld2y

How to use response compression in ASP.NET Core - InfoWorld

Take advantage of response compression middleware in ASP.NET Core to reduce bandwidth requirements and improve the responsiveness of your apps.