CISA flags Wing FTP Server flaw as actively exploited in attacks

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks.
SecurityWeek

Critical ScreenConnect Vulnerability Exposes Machine Keys

ConnectWise has patched a critical ScreenConnect flaw that allowed attackers to obtain machine keys and compromise servers.
The Hacker News

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

CISA adds Wing FTP CVE-2025-47813 to KEV after active exploitation, exposing server paths and aiding attacks; patch by March 30, 2026.

Federal agencies urged to patch Wing FTP Server flaw following CISA warning

A vulnerability was added to the database, and it was found to be exploited in the wild.