Hackers Exploit Zero-Day Flaw in Sitecore for Backdoors and Malware
Threat actors exploited a zero-day vulnerability in legacy Sitecore systems (CVE-2025-53690) involving a ViewState deserialization flaw caused by reused sample ASP.NET machine keys, leading to remote code execution and deployment of reconnaissance malware WeepSteel. The attack involved multi-stage exploits including privilege escalation and persistence techniques. Sitecore recommends immediate replacement and encryption of static machine keys to mitigate the vulnerability.