The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
All content for CyberWire Daily is the property of N2K Networks and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Triofox and the key to disaster. [Research Saturday]
CyberWire Daily
22 minutes
1 day ago
Triofox and the key to disaster. [Research Saturday]
This week, we are joined by John Hammond, Principal Security Researcher at Huntress, who is sharing his PoC and research on "CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild." A critical 9.0 severity vulnerability (CVE-2025-30406) in Gladinet CentreStack and Triofox is being actively exploited in the wild, allowing remote code execution via hardcoded cryptographic keys in default configuration files.
Huntress researchers observed compromises at multiple organizations and confirmed hundreds of vulnerable internet-exposed servers, urging immediate patching or manual machineKey updates. Mitigation guidance, detection, and remediation scripts have been released to help users identify and secure affected installations.
The research can be found here:
CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild
Learn more about your ad choices. Visit megaphone.fm/adchoices
CyberWire Daily
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
