XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security researchers, their targets are companies in the manufacturing and distribution sectors. “In one instance, the group was found to have compromised an organization in 2020, maintaining persistent access to an endpoint for over four years,” Intezer … More
The post Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) appeared first on Help Net Security.
This article has been indexed from Help Net Security