Hackers have exploited a deserialization vulnerability in Gladinet CentreStack's file-sharing software, tracked as CVE-2025-30406, to breach storage servers since March 2025. The flaw, caused by a hardcoded machineKey, allows attackers to inject malicious payloads and execute code on affected systems. Gladinet has released security updates and recommends users upgrade or rotate the machineKey to mitigate risks.