CVE-2025-12480 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
12
occurrences
First Seen
November 10, 2025
Last Seen
December 16, 2025

CVE-2025-12480 is a vulnerability tracked across 14 threat clusters and 12 intelligence report mentions on ThreatCluster. First observed November 10, 2025; most recent activity December 16, 2025.

Related Threat Clusters

  • New WebKit Zero-Day CVE-2025-14174 Discovered and Exploited

    A new zero-day vulnerability in Apple's WebKit, identified as CVE-2025-14174, has been confirmed and is actively being exploited. This follows the recent disclosure of another critical zero-day vulnerability in…

    1 article · Updated December 16, 2025
  • Akira Ransomware Group Targets Critical Infrastructure, Extracts $42 Million

    The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…

    9 articles · Updated November 14, 2025
  • Exploitation of Triofox Vulnerability CVE-2025-12480 by Hackers

    Cyber threat actors are exploiting a critical unauthenticated access vulnerability in Gladinet’s Triofox file-sharing platform, tracked as CVE-2025-12480. This vulnerability allows unauthorized administrative access and…

    3 articles · Updated November 11, 2025
  • Medusa and DragonForce Ransomware Exploit RMM Tools in 2025 UK Attacks

    In 2025, ransomware groups Medusa and DragonForce targeted UK organizations by exploiting three critical vulnerabilities in the SimpleHelp Remote Monitoring and Management platform. These vulnerabilities…

    9 articles · Updated November 11, 2025
  • Ransomware Groups Medusa and DragonForce Exploit RMM Tools in 2025 Attacks

    In 2025, ransomware groups Medusa and DragonForce targeted UK organizations by exploiting vulnerabilities in the SimpleHelp Remote Monitoring and Management platform. They leveraged three critical vulnerabilities…

    3 articles · Updated November 11, 2025
  • Five Plead Guilty in North Korean IT Worker Fraud Scheme

    Five individuals have pleaded guilty to facilitating North Korean operatives in obtaining remote IT jobs at U.S. companies by using false and stolen identities. The U.S. Department of Justice has also seized $15 million…

    39 articles · Updated November 17, 2025
  • Exploitation of Triofox CVE-2025-12480 Vulnerability by Hackers

    Hackers are exploiting a critical unauthenticated access vulnerability (CVE-2025-12480) in Gladinet's Triofox file-sharing platform. This flaw allows attackers to bypass authentication and gain administrative access,…

    4 articles · Updated November 11, 2025
  • APT Groups Target Construction Sector for Credential Theft

    Advanced persistent threat (APT) groups from China, Russia, North Korea, and Iran are increasingly attacking the construction industry to gain unauthorized access to corporate networks. These attacks exploit…

    2 articles · Updated November 11, 2025
  • Data Breach Exposes 12,000 Documents from Chinese Firm Knownsec

    A significant data breach at the Chinese cybersecurity firm Knownsec has resulted in the leak of over 12,000 classified documents, revealing sensitive information about state-sponsored cyber weapons and espionage…

    5 articles · Updated November 17, 2025
  • Francesco Nicodemo Targeted by Paragon Spyware in Italy

    Francesco Nicodemo, a political communications strategist in Italy, has been identified as a target of the Paragon spyware surveillance campaign. He revealed that he had been under surveillance for 10 months before…

    2 articles · Updated November 10, 2025

Recent Intelligence Reports

  • CVE-2025-14174 Vulnerability: A New Memory Corruption Zero — Socprime · December 16, 2025
  • 17th November — Research.Checkpoint · November 17, 2025
  • Akira Ransomware Group Poses ‘Imminent Threat’ to Critical Infrastructure: CISA — Thecyberexpress · November 13, 2025
  • Risky Bulletin: Another Chinese security firm has its data leaked — News.Risky.Biz · November 12, 2025
  • Unauthenticated Remote Access via Triofox Vulnerability Exploited by UNC6485 (Campaign) — Wiz · November 12, 2025
  • Hackers abuse Triofox antivirus feature to deploy remote access tools — Bleepingcomputer · November 11, 2025
  • Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product — Infosecurity-Magazine · November 11, 2025
  • Hackers Exploiting Triofox 0 — Cybersecuritynews · November 11, 2025

CVSS v3.1 Breakdown