Hackers Abuse Triofox Antivirus Feature to Deploy Remote Access Tools

Hackers abuse Triofox antivirus feature to deploy remote access tools

Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet's Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. [...]

Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)

Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox platform while it was still a zero-day.

Mandiant Warns of Active Exploitation of Critical Triofox Flaw Allowing Remote Access

Mandiant has issued a critical warning regarding the active exploitation of CVE-2025-12480, a severe improper access control vulnerability within Gladinet’s Triofox file-sharing and remote access platform. This flaw allo…

Hackers Exploiting Triofox Flaw To Install Remote Access Tools Via Antivirus Feature - Cybernoz - Cybersecurity News

Nov 10, 2025Ravie LakshmananVulnerability / Incident Response Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary paylo…

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads.  The