CVE-2025-61932

#VulnerabilityReport #ActiveExploitation Urgent Patch: Critical Lanscope Endpoint Manager RCE (CVE-2025-61932, CVSS 9.8) Under Active Exploitation https://t.co/CWiU8MoR8Z

🚩 Critical Lanscope Endpoint Manager Bug (CVE-2025-61932) Being Actively Exploited https://t.co/cViXPHUkdO CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog after confirming attackers are sending crafted packets that allow unauthenticated remo

Suspected Chinese APT “Tick” exploiting a critical flaw (CVE-2025-61932, CVSS 9.3) in Motex Lanscope Endpoint Manager to deploy a backdoor dubbed Gokcpdoor. 🎯 Targeted sectors align with espionage goals. (via @Sophos) Patch now. #CyberSecurity #APT #Infosec https://t

[Dark Reading] APT 'Bronze Butler' Exploits Zero-Day to Root Japan Orgs. A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese businesses. https://t.co/D0gZ5AHpsu

🚩 Critical Lanscope Endpoint Manager Bug (CVE-2025-61932) Being Actively Exploited https://t.co/cViXPHUS3m CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog after confirming attackers are sending crafted packets that allow unauthenticated remot

🚨 Motex LANSCOPE Endpoint Manager [—] Nov 03, 2025 Product Security Advisory Report on CVE-2025-61932 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #Innovation #LLM https://t.co/IAu045dqiy

🚨 CHINA TICK GROUP ZERO-DAY RCE CVE-2025-61932: Hijacks Lanscope Endpoint Mgr w/ SYSTEM privs! Backdoors deployed. ⚠️ Details: https://t.co/LlW0U9vOlm 🔗 Sophos: https://t.co/jTIXguQPC1 @TheHackersNews @Sophos @JPCERT_EN #ZeroDay #RCE #cybersecuritystartupprogram

Bronze Butler, a China-linked cyber-espionage group, exploited a zero-day vulnerability (vulnerability (CVE-2025-61932)) in Motex Lanscope Endpoint Manager to deploy the Gokcpdoor malware, exposing organizations to data theft and persistent backdoor access. This enables attackers

JPCERT-CC reported on CVE-2025-61932 (CVSS 9.8) last week, saying it was being actively exploited. New report says PRC-linked group BRONZE BUTLER has been actively exploiting this CVE, activity leverages an updated version of their Gokcpdoor backdoor https://t.co/lyTQ25ZZMB

China-linked group Bronze Butler exploited a zero-day in Motex Lanscope Endpoint Manager (CVE-2025-61932) to deploy Gokcpdoor malware, enabling SYSTEM-level code execution and advanced C2 communication. #BronzeButler #China #ZeroDayExploit https://t.co/HaTdxdKSSq

📝 𝐂𝐡𝐢𝐧𝐚-𝐥𝐢𝐧𝐤𝐞𝐝 𝐡𝐚𝐜𝐤𝐞𝐫𝐬 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐞𝐝 𝐋𝐚𝐧𝐬𝐜𝐨𝐩𝐞 𝐟𝐥𝐚𝐰 𝐚𝐬 𝐚 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲 𝐢𝐧 𝐚𝐭𝐭𝐚𝐜𝐤𝐬 • Bronze Butler exploited a

Critical Windows RCE Flaw (CVE-2025-61932) Allows SYSTEM Control and Ransomware Deployment. Read the full report on - https://t.co/ARLUjKNxxt https://t.co/tcy8d2cqBH

🚨 Critical Lanscope vuln (CVE-2025-61932) lets attackers get SYSTEM access & hijack corporate hosts! Exploited by China-linked APT Tick — CVSS 9.3, JPCERT/CC alert. Patch ASAP! More: https://t.co/YQnpr5AvEK Follow us to support: @kernel_panic69

🚨 LanScope Endpoint Manager Product Security Advisory [—] Nov 01, 2025 Comprehensive security advisory for LanScope Endpoint Manager, addressing CVE-2025-61932 and associated risks. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/gtHkRsgF9O

🚨 BRONZE BUTLER Threat Analysis [High] Nov 01, 2025 This report details the activities of the Chinese state-sponsored threat group BRONZE BUTLER, focusing on their exploitation of a zero-day vulnerability (CVE-2025-61932) in the Japanese-developed Motex LANSCOPE Endpoint... ht

China’s BRONZE BUTLER group exploits zero-day flaws like CVE-2025-61932 to conduct stealthy #cyber espionage against #Japan , threatening regional #CyberSecurity & sovereignty. #GodMorningSaturday @CyberpunkGame @cybertruck https://t.co/ShAxvGWt9L

🚨 China-Linked Tick Group exploits Lanscope Zero-Day (CVE-2025-61932) to compromise corporate systems, posing a severe threat. https://t.co/AQlfWjhs5E

Falha crítica no Motex Lanscope exposta por grupo chinês: Vulnerabilidade CVE-2025-61932 permite execução remota com privilégios SYSTEM e tem sido explorada para instalar backdoor Gokcpdoor, facilitando espionagem e exfiltração de dados na Ásia. https://t.co/yl1WLJgFsl

China-Linked Group Exploits Lanscope Zero-Day to Hijack Systems A cyber espionage group called Tick exploited CVE-2025-61932, a critical flaw in Motex Lanscope Endpoint Manager, enabling remote attackers to execute SYSTEM-level commands on on-premise versions. JPCERT/CC issued h

⚠️ Des hackers chinois exploitent une faille critique (CVE-2025-61932, score 9.3) dans Motex Lanscope Endpoint Manager. Elle permet l’exécution de commandes SYSTEM et l’implantation du backdoor Gokcpdoor avec nouveaux canaux C2 multiplexés. 🚨 Attaques actives confirm

🇯🇵 🚨 BREAKING: China-linked Tick group exploiting critical Motex Lanscope Endpoint Manager flaw (CVE-2025-61932, CVSS 9.3) enabling remote SYSTEM execution on on-premise instances — JPCERT/CC alert. https://t.co/kYxTjpag9F #cyber #OSINT #Japan

📌 مجموعة التجسس السيبراني "تيك" مرتبطة بالصين استغلت ثغرة أمان حرجة في برنامج "موTex Lanscope" لإختراق الأنظمة المؤسساتية. الثغرة، المسجلة برقم CVE-2025-61932، تتيح

⚠️ Chinese hackers are exploiting a critical 9.3 CVE (CVE-2025-61932) in Motex Lanscope Endpoint Manager. It lets them run SYSTEM-level commands and plant a Gokcpdoor backdoor with new multiplexed C2 channels. Active attacks confirmed ↓ https://t.co/HTJHzYQS4x

⚠️ Chinese hackers are exploiting a critical 9.3 CVE (CVE-2025-61932) in Motex Lanscope Endpoint Manager. It lets them run SYSTEM-level commands and plant a Gokcpdoor backdoor with new multiplexed C2 channels. Active attacks confirmed ↓ https://the... https://t.co/JXaeaEY

In mid-2025 Sophos CTU researchers observed a campaign from the BRONZE BUTLER (also known as Tick) theat actor that exploited a zero-day vulnerability (CVE-2025-61932) in Motex LANSCOPE Endpoint Manager to steal confidential information. https://t.co/rzLSy3gZ5u https://t.co/7SxOg

BRONZE BUTLER exploited zero-day CVE-2025-61932 in Motex LANSCOPE Endpoint Manager to execute SYSTEM-level commands, deploy Gokcpdoor and Havoc backdoors, and exfiltrate data via cloud storage and remote tunnels. #Japan #ZeroDay #Backdoor https://t.co/IyRPvTM9xY

統合版 JPCERT/CC | Weekly Report: LANSCOPE エンドポイントマネージャー オンプレミス版における通信チャネルの送信元検証不備の脆弱性（CVE-2025-61932）について https://t.co/izDRQ1dDm6 #itsec_jp

A threat group known as BRONZE BUTLER has exploited a LANSCOPE zero-day vulnerability (CVE-2025-61932) in Japanese asset management software, raising concerns over cybersecurity in the industry. #CyberSecurity #Vulnerability https://t.co/o6vDZN8Ayk

My latest blog post about a campaign exploiting the LANSCOPE vulnerability (CVE-2025-61932) has been published. / BRONZE BUTLER exploits Japanese asset management software vulnerability – Sophos News https://t.co/5MRWjeEy3r

BRONZE BUTLER Exploits Japanese Asset Management Software Vulnerability In 2025, CTU researchers identified a sophisticated BRONZE BUTLER campaign exploiting CVE-2025-61932 in Motex LANSCOPE to steal data. The Chinese state-sponsored group, active since 2010, used this zero-day

🔴 Critical LANSCOPE Endpoint Manager Flaw Exploited—CISA Confirms Active Attacks CVE-2025-61932 (CVSS 9.3) hit CISA's Known Exploited Vulnerabilities catalog after confirmed exploitation in Japan. The flaw affects Motex LANSCOPE Endpoint Manager—enterprise client managem

🚨 Lanscope Endpoint Manager [—] Oct 28, 2025 Critical security advisory for Lanscope Endpoint Manager, addressing remote code execution vulnerability CVE-2025-61932. Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/lBeHGFMYx7

🚨 CVE-2025-61932 has been flagged as a critical RCE vulnerability targeting the on-prem Motex LANSCOPE Endpoint Manager. It’s actively being exploited in the wild, prompting CISA to add it to the Known Exploited Vulnerabilities catalog. Patch fast-this one’s not theoretica

⚠️ Critical CVEs Under Active Exploitation: Adobe Commerce, Lanscope, WSUS RCE Three critical vulnerabilities are actively exploited right now. CVE-2025-54236 (Adobe Commerce/Magento RCE)—attackers actively exploiting storefronts. CVE-2025-61932 (Lanscope Endpoint

🚨 LANSCOPE Endpoint Manager [—] Oct 27, 2025 Product Security Advisory Report on CVE-2025-61932 Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence #CyberSecurity #Innovation #LLM https://t.co/vouKWFTrkf

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) - Help Net Security https://t.co/Pp7i3G9vIE

⚠️ Lanscope (Motex) critical RCE CVE-2025-61932 is being exploited in the wild. If you run Lanscope Endpoint Manager: patch or isolate the console, audit remote-command logs, and block access to management ports NOW. #Lanscope #CVE2025 #InfoSec

CISA has confirmed that a critical vulnerability (CVE-2025-61932) in Motex Lanscope Endpoint Manager is being actively exploited. The flaw, which has a CVSS score of 9.8, allows attackers to execute arbitrary code remotely on affected on-premises versions.

3/5: "CyberShield Hub's RCE radar: RedScan's AI sentinel flags packet anomalies & endpoint exploits—like CVE-2025-61932 chains—in real-time. Lightweight, local-first, no bloat. Windows solid, Linux/macOS inbound. Ever nuked a zero-day mid-manager?"

Thread: "Motex LANSCOPE RCE (CVE-2025-61932) Goes Wild: Unauth Code Exec on Endpoint Managers—Patch or Perish!" 🚨🔒 1/5: "🚨 ENDPOINT APOCALYPSE: CISA's KEV catalog just added CVE-2025-61932—a CVSS 9.8 RCE in Motex LANSCOPE Endpoint Manager (v9.4.7.2 & earlier).

RedScan v0.6 Unleashed: AI Defense + Ethical Hacking Bootcamp! 🚀🛡️ Oct 25, 2025, 02:58 PM WAT Cyber fam, RedScan v0.6 is live—slamming WSUS RCE (CVE-2025-59287) and LANSCOPE exploits (CVE-2025-61932) with AI, a SQLite DB, and VirusTotal ThreatFeed (500 free lookups/day)

RedScan v0.6 Unleashed: AI Defense + Ethical Hacking Bootcamp! 🚀🛡️ Oct 25, 2025, 02:58 PM WAT Cyber fam, RedScan v0.6 is live—slamming WSUS RCE (CVE-2025-59287) and LANSCOPE exploits (CVE-2025-61932) with AI, a SQLite DB, and VirusTotal ThreatFeed (500 free lookups/day)

Thread: "Motex LANSCOPE RCE (CVE-2025-61932) Goes Wild: Unauth Code Exec on Endpoint Managers—Patch or Perish!" 🚨🔒 1/5: "🚨 ENDPOINT APOCALYPSE: CISA's KEV catalog just added CVE-2025-61932—a CVSS 9.8 RCE in Motex LANSCOPE Endpoint Manager (v9.4.7.2 & earlier). Un

🚨 Heads up, cybersecurity enthusiasts! A critical #zero-day vulnerability, CVE-2025-61932, in Lanscope Endpoint Manager, is being actively exploited in real-time attacks. Are your systems secured? 🛡️ Now's the time to double-check your defenses and patch up!

CISA has added a critical vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), affecting Motex Lanscope Endpoint Manager to its KEV catalog, confirming active exploitation. https://t.co/ZcQagg7Q60

🛡️ Cyber Threat Digest – 2025-10-24 KEV: CVE-2025-61932 — Motex LANSCOPE Endpoint Manager NVD: CVE-2025-11429 — flaw was found in News: Mozilla: New Firefox extensions must disclose… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks. The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client program and Detection Agent. https://t.co/3SQtRszV7M https://t.co/IrZGT

csirt_it: ‼ #Exploited #Motex: rilevato sfruttamento in rete della CVE-2025-61932 relativa al prodotto #LanscopeEndpointManager Rischio:🟠 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/q0blcfUqn4 🔄 Aggiornamenti disponibili 🔄 https://t.co/HoSCx6RJpa

🚨 CRITICAL Lanscope Endpoint Manager flaw (CVE-2025-61932) is under active attack! Remote code execution possible—patch to 9.4.7.3+ ASAP to block backdoors. CISA sets 12 Nov 2025 remediation deadline. Details: https://t.co/J3mB5STFff... https://t.co/yU9Yb9B2tO

Lanscope Endpoint Manager の脆弱性がゼロデイ攻撃で悪用される (CVE-2025-61932) Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) #HelpNetSecurity (Oct 23) https://t.co/SQLJ3SWBeN