VulnHub

Real-time Cybersecurity News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

The Hacker News
Actively Exploited
CVEZero-dayVulnerabilityPatchUpdate

Overview

A serious security vulnerability in Gogs, a self-hosted Git service, is currently being exploited, affecting over 700 instances worldwide. This flaw, identified as CVE-2025-8110, has a CVSS score of 8.7 and allows attackers to overwrite files via the file update API. The lack of a patch means that many users are at risk, and researchers from Wiz have highlighted the urgency of addressing this issue. Companies using Gogs should take immediate action to secure their installations and monitor for any signs of compromise. The situation underscores the need for timely updates and vigilance in managing self-hosted services.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Gogs (self-hosted Git service), CVE-2025-8110
  • Action Required: A fix for the vulnerability is reportedly in development.
  • Timeline: Newly disclosed

Original Article Summary

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix for the issue is said to be currently in the

Impact

Gogs (self-hosted Git service), CVE-2025-8110

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

A fix for the vulnerability is reportedly in development. Users should monitor for updates and apply patches as soon as they become available. In the meantime, users are advised to review their configurations and limit access to the Gogs instances to mitigate potential exploitation.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to CVE, Zero-day, Vulnerability, and 2 more.

Read Original Article

Related Coverage

Report: Data extortion intrusions spike

SCM feed for Latest

In 2024, cyberattacks involving data extortion surged to 6,800 incidents, marking a significant 63% increase from the previous year. This rise has been largely driven by the intensified activities of ransomware groups such as Qilin, Sp1d3r Hunters, and Clop. These groups are known for stealing sensitive data and then threatening to release it unless a ransom is paid. This trend poses serious risks to organizations across various sectors as they face increasing pressure to protect their data and respond to extortion demands. Companies must enhance their cybersecurity measures to mitigate these risks and safeguard their sensitive information from being exploited by cybercriminals.

Feb 13, 2026

Toll of Georgia health firm hack exceeds 620K

SCM feed for Latest

ApolloMD, a major healthcare firm based in Georgia with operations across the U.S., disclosed a significant data breach affecting over 626,000 patients. The incident, which occurred in May, was attributed to the Qilin ransomware group. Compromised information includes sensitive data, which raises serious concerns about patient privacy and potential identity theft. As healthcare organizations increasingly face cyber threats, this breach serves as a troubling reminder of the vulnerabilities within the sector. Patients and providers alike need to be vigilant about safeguarding personal information and responding to potential fallout from such attacks.

Feb 13, 2026

UK government faces IT hurdles in preventing sensitive data leaks

SCM feed for Latest

The UK government's Science, Innovation and Technology Committee recently questioned ministers about the challenges of preventing sensitive data leaks, particularly in light of a recent incident involving the Ministry of Defence (MoD). In this case, sensitive information was accidentally exposed, putting Afghan informants at risk. This incident raises serious concerns about data security practices within government departments. The committee is focused on ensuring that such lapses do not occur again, especially given the potential dangers to individuals who have assisted UK forces. The discussion highlights the urgent need for better safeguards to protect sensitive data in government systems.

Feb 13, 2026

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again

darkreading

Recent zero-day vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM) have sparked renewed concern among cybersecurity experts. These flaws, which can be exploited by attackers, could potentially compromise sensitive data in mobile devices managed by the software. Organizations using EPMM must act quickly to secure their systems, as these vulnerabilities are already being exploited in the wild. Experts are urging a shift away from simply applying patches and towards more robust security measures, including better authentication controls and reducing unnecessary public interfaces. The urgency of the situation emphasizes the need for businesses to prioritize security and stay updated with the latest patches and practices.

Feb 12, 2026

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

BleepingComputer

A serious vulnerability has been discovered in BeyondTrust Remote Support and Privileged Remote Access appliances, allowing attackers to execute code remotely without authentication. This flaw has become a target for exploitation after a proof-of-concept (PoC) was made publicly available. Organizations using these systems should be particularly vigilant, as the flaw can lead to unauthorized access and potential data breaches. BeyondTrust has released patches to address this issue, and it’s crucial for users to apply these updates promptly to protect their systems. The urgency of this situation highlights the need for proactive security measures in remote access technologies.

Feb 12, 2026

Gone With the Shame: One in Two Americans Are Reluctant to Talk About Romance Scam Incidents

darkreading

As Valentine's Day approaches, a new report reveals that men are nearly twice as likely as women to fall victim to romance scams. These scams typically involve fraudsters posing as potential romantic partners online, often leading to significant financial losses for victims. The reluctance to discuss these incidents is prevalent, with many individuals feeling ashamed or embarrassed about being scammed. This silence can hinder awareness and prevention efforts, making it crucial for people to openly share their experiences. Given the emotional and financial toll these scams can take, men should be particularly vigilant this Valentine's Day to avoid falling prey to such deceitful tactics.

Feb 12, 2026