CVE-2025-53690 - Geek Feed

China-linked hackers exploited Sitecore zero-day for initial access

January 18, 2026January 18, 2026 geekfeed0Tagged 0day, APT, china, Critical Infrastructure, CVE-2025-53690, Initial Access, N-day, Sitecore, UAT-8837, Zero-Day

An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining access by exploiting both known and zero-day vulnerabilities. The hacker group has been active since at least 2025, and its purpose appears to be mainly to obtain initial access to […]

3 mins read

Hackers exploited Sitecore zero-day flaw to deploy backdoors

September 8, 2025September 8, 2025 geekfeed0Tagged 0day, Actively Exploited, CVE-2025-53690, Deserialization, Key, Password Reuse, Sitecore, vulnerability, Zero-Day

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState deserialization vulnerability caused by the inclusion of a sample ASP.NET machine key in pre-2017 Sitecore guides. Some customers reused this key in production, allowing attackers with knowledge of the key […]

2 mins read