3 links
tagged with all of: vulnerability + authentication-bypass
Links
Hackers have begun exploiting a critical authentication bypass vulnerability in the OttoKit WordPress plugin just hours after its public disclosure. Users are urged to upgrade to version 1.0.79 to prevent unauthorized access, as attackers can create new admin accounts without authentication. The flaw is tracked as CVE-2025-3102, and swift action is necessary to mitigate the risk of full site takeover.
Attackers are exploiting a critical authentication bypass vulnerability (CVE-2025-2825) in CrushFTP file transfer software, allowing unauthenticated access to unpatched versions. CrushFTP has urged users to update their software immediately, while security monitoring platforms report numerous exploitation attempts against exposed servers. A workaround is available for those unable to update right away, but the vulnerability remains a significant concern, especially given past attacks linked to ransomware gangs.
Over 1,200 Citrix NetScaler ADC and Gateway appliances remain unpatched against the critical CVE-2025-5777 vulnerability, which allows attackers to hijack user sessions and bypass authentication. Despite Citrix's assertion that there is no evidence of exploitation, cybersecurity firms report medium confidence that the flaw is being actively targeted. Administrators are urged to apply patches and monitor for suspicious activity on their systems.