Bleeping Computer

Hackers exploit ProjectSend flaw to backdoor exposed servers

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...