3 matches found
China-Linked APT Exploited Sitecore Zero-Day in Critical Infrastructure Intrusion
A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837 , assessed it to be a China-nexus advanced persistent threat APT actor with medium...
Exploit for Deserialization of Untrusted Data in Sitecore Experience_Commerce
PoC exploit for CVE-2025-53690, a vulnerability in a .NET framew...
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch FCEB agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690 , carries a CVSS score of 9.0 ou...