Beware: CVE-2025-64446 Exploit Attempts Creating Admins Faster Than You Can Say ‘Oops!’

Our honeypots are buzzing with exploit attempts for CVE-2025-64446, creating new admin users faster than you can say “cybersecurity breach.” It’s like hackers are hosting their own admin party, and everyone’s invited—except you!

1P
Published: November 15, 2025 9:45 amAdded: November 15, 2025 at 1:55 amAssembled by: The Editor
Pro Dashboard

Hot Take:

When life gives you CVEs, make sure your honeypot’s on point! Our dear Didier Stevens is here, serving cybersecurity realness and catching those pesky exploit attempts like they’re going out of style. Who knew honeypots could be the latest tech trend?

Key Points:

  • Didier Stevens reports on the new exploit attempts for CVE-2025-64446.
  • Honeypots have detected POST requests aimed at creating unauthorized admin users.
  • The attack utilizes a specific User Agent String and POST data.
  • There’s a proof of concept (PoC) available showing the JSON data used in the exploit.
  • Didier’s insights highlight the importance of monitoring and updating software defenses.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?