Exploitation of Triofox Vulnerability CVE-2025-12480 by Hackers

Exploitation of Triofox Vulnerability CVE-2025-12480 by Hackers

First seen 11 Nov 2025, 16:33 UTC MandiantCybersecuritynewsInfosecurity-Magazine 81% similarity 62.8

Article Content

Browse articles
ThreatCluster

Cyber threat actors are exploiting a critical unauthenticated access vulnerability in Gladinet’s Triofox file-sharing platform, tracked as CVE-2025-12480. This vulnerability allows unauthorized administrative access and has been actively weaponized since August 2025 by the threat cluster UNC6485, which also abuses the platform's built-in anti-virus feature for code execution.

ThreatCluster AI

Community

Browse all →