Key Findings Researchers at Mandiant Threat Defense, part of Google Cloud Security Operations, have revealed a critical unauthenticated access vulnerability in Gladinet's Triofox file-sharing platform (CVE-2025-12480). The vulnerability allowed attackers to bypass authentication, create administrative accounts, and achieve SYSTEM-level code execution through a chained attack path. The exploitation campaign was first detected on August 24, 2025, when Google Threat Intelligence
