FCEB Sitecore CVE-2025-53690 mitigation advisory
Advisory/Mitigation
Summary
FCEB agencies were told to remediate exposed Sitecore instances by September 25, 2025 after CVE-2025-53690 was found under active exploitation. The guidance calls for rotating ASP.NET machine keys and hardening configurations to cut off remote code execution risk. It also directs defenders to scan for signs of compromise on affected systems.
Related Happenings
CISA-led zero-trust guide for OT environments
Public Sector Action
First: 30.04.2026 17:00
Last: 30.04.2026 17:00
Sources 1
About this happening:
US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...
F5 BIG-IP APM active exploitation wave (CVE-2025-53521)
Exploitation Wave
First: 02.04.2026 11:25
Last: 02.04.2026 11:25
Sources 1
About this happening:
As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...
Wing FTP Server actively exploited installation path disclosure remote code execution flaw (CVE-2025-47813)
Vulnerability
First: 16.03.2026 20:00
Last: 16.03.2026 20:00
Sources 1
About this happening:
**Wing FTP Server** instances faced **active exploitation** of **CVE-2025-47813**, a flaw that can reveal the server's full local installation path on **unpatched** systems. The w...
RESURGE malware analysis update adds stealth, TLS, and C2 findings on Ivanti Connect Secure
Technical Analysis
First: 26.02.2026 14:00
Last: 26.02.2026 14:00
Sources 1
About this happening:
New technical findings on **RESURGE** sharpen detection of a stealthy implant that can hide on **Ivanti Connect Secure** devices and enable covert **SSH-based command-and-control*...
Microsoft Configuration Manager SQL injection RCE (CVE-2024-43468, actively exploited)
Vulnerability
First: 13.02.2026 14:35
Last: 13.02.2026 14:35
Sources 1
About this happening:
**CVE-2024-43468** in **Microsoft Configuration Manager (ConfigMgr/SCCM)** is now **actively exploited**, turning a patched **SQL injection** flaw into a real risk for management...
Timeline
- 05.09.2025 19:08 · 1 article
CISA warns FCEB agencies to patch exposed Sitecore instances
Initial Disclosure
CISA advised Federal Civilian Executive Branch agencies to update exposed Sitecore instances after CVE-2025-53690 was identified as a critical flaw under active exploitation. The affected Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud products contain a deserialization of untrusted data vulnerability involving default machine keys that can let attackers achieve remote code execution.
Sources:
- CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation — thehackernews.com — 05.09.2025 19:08
- 05.09.2025 19:08 · 2 articles
FCEB agencies face the Sitecore remediation deadline
Mitigation Patch Update
Affected Sitecore deployments reach the September 25, 2025 remediation deadline, when administrators are expected to rotate ASP.NET machine keys, lock down configurations, and scan environments for signs of compromise. The deadline addresses CVE-2025-53690, where exposed machine keys can be abused for ViewState deserialization attacks and remote code execution.
Sources:
- CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation — thehackernews.com — 05.09.2025 19:08
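For the machine key rotation step in the remediation entry above, a defender-side audit of `web.config` files, added here as an example and not taken from the advisory or from Sitecore's tooling. It flags hard-coded `machineKey` values that match a published sample key and notes static keys reused across deployments; the deployment names, the placeholder key set and the sample configs are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed placeholder, not a real key: replace with the sample keys
# named in the vendor's guidance for your product version.
PUBLISHED_SAMPLE_KEYS = {"0123456789ABCDEF" * 4}


def static_keys(web_config_xml):
    """Yield (attribute, value) for each hard-coded machineKey value."""
    root = ET.fromstring(web_config_xml)
    for mk in root.iter("machineKey"):
        for attr in ("validationKey", "decryptionKey"):
            # ASP.NET generates keys itself when the attribute is absent.
            value = mk.get(attr, "AutoGenerate,IsolateApps").strip().upper()
            if not value.startswith("AUTOGENERATE"):
                yield attr, value


def audit(configs, published=PUBLISHED_SAMPLE_KEYS):
    """configs maps deployment name -> web.config text; returns findings."""
    published = {k.upper() for k in published}
    seen, findings = defaultdict(set), []
    for name, text in configs.items():
        for attr, value in static_keys(text):
            seen[value].add(name)
            if value in published:
                msg = f"{attr} matches a published sample key; rotate it"
                findings.append((name, "critical", msg))
    for value, names in seen.items():
        if len(names) > 1 and value not in published:
            note = "static key reused in another deployment; confirm one farm"
            findings.extend((n, "review", note) for n in sorted(names))
    return sorted(findings)


# Constructed sample inputs, not taken from any real system.
_TEMPLATE = ('<configuration><system.web><machineKey validationKey="%s" '
             'decryptionKey="%s"/></system.web></configuration>')
SAMPLE = {
    "cm-prod": _TEMPLATE % ("0123456789abcdef" * 4, "AutoGenerate,IsolateApps"),
    "cd-prod": _TEMPLATE % ("AA11", "BB22"),
    "cd-dr": _TEMPLATE % ("AA11", "CC33"),
    "clean": "<configuration><system.web/></configuration>",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```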