Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Architects Look to Beautify Data Centers as AI Expansion Sparks Local Resistance

      July 17, 2026

      The AI Gold Rush’s House of Cards: When Financial Engineering Begins to Eclipse Innovation

      July 17, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        Safely Recycling an Old PC Starts With Protecting Your Data

        July 17, 2026

        Trump Takes Measured Approach to Winning the Quantum Race

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026
      • AI

        Architects Look to Beautify Data Centers as AI Expansion Sparks Local Resistance

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        China Uses Open-Source AI Push to Expand Global Influence

        July 17, 2026

        Starbucks’s AI Shift Signals Growing Revolt Against Legacy Enterprise Software

        July 16, 2026

        New AI Safety Proposal Calls for U.S.-China Pause on Frontier AI Development

        July 16, 2026
      • Security

        Safely Recycling an Old PC Starts With Protecting Your Data

        July 17, 2026

        U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

        July 17, 2026

        China Uses Open-Source AI Push to Expand Global Influence

        July 17, 2026

        New AI Safety Proposal Calls for U.S.-China Pause on Frontier AI Development

        July 16, 2026

        Social Media Ban Proposal Sparks Fears of Collateral Damage for Educational Technology Firms

        July 16, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        Trump Takes Measured Approach to Winning the Quantum Race

        July 17, 2026

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Critical Gogs Zero-Day Under Active Exploitation Compromises 700+ Git Instances
      Tech

      Critical Gogs Zero-Day Under Active Exploitation Compromises 700+ Git Instances

      4 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Critical Gogs Zero-Day Under Active Exploitation Compromises 700+ Git Instances
      Critical Gogs Zero-Day Under Active Exploitation Compromises 700+ Git Instances
      Share
      Facebook Twitter LinkedIn Pinterest Email

      A zero-day vulnerability in Gogs, a widely used self-hosted Git service, tracked as CVE-2025-8110, is being actively exploited in the wild, enabling authenticated attackers to overwrite files outside of repositories and achieve remote code execution on vulnerable servers; more than 700 Internet-facing instances appear compromised and no official patch is yet available, prompting emergency mitigation guidance for administrators.

      Sources: Hacker News, Run Zero

      Key Takeaways

      – Active exploitation ongoing: Attackers are abusing the vulnerability in real conditions, not just in lab settings.

      – Widespread exposure: Hundreds of publicly accessible Gogs servers have been compromised, with many more potentially vulnerable.

      – No fix yet: A patch is still pending, increasing the urgency for defensive steps and configuration hardening by system owners.

      In-Depth

      A newly discovered security weakness in Gogs — the open-source, self-hosted Git hosting platform — has escalated from theoretical concern to real-world crisis within a matter of days. The vulnerability, designated CVE-2025-8110, involves improper handling of symbolic links in Gogs’ PutContents API, a component used when users push or update content in a repository. Because the flaw allows authenticated users to create or commit a symbolic link that points to an arbitrary location outside of the normal repository structure, an attacker with valid repository creation permissions can cause the server to overwrite arbitrary files on the underlying system. This file overwrite can be marshalled into a fully functional remote code execution (RCE) exploit, giving unauthorized code the same privileges as the Gogs server process. The issue appears to be a bypass of a prior fix (for CVE-2024-55947), which attempted to close a similar remote code execution hole but failed to properly address the interaction with symbolic links.

      According to independent threat researchers and security advisories, the vulnerability is not confined to theoretical proof-of-concepts — it is being actively and repeatedly exploited on internet-exposed installations. One security firm’s telemetry identified upwards of approximately 1,400 Gogs servers visible on the public internet, of which more than 700 have shown evidence of compromise. The compromise signatures include the appearance of repositories with random eight-character names, suggestive of automated tooling being used post-exploitation. Researchers first encountered the flaw while responding to a malware incident on a customer’s workload earlier in 2025, and the exploitation appears to have been ongoing for months before public disclosure.

      Compounding the severity is the absence of an official patch at the moment of reporting. Unlike many open-source projects that can rapidly issue emergency releases, the Gogs maintainers have not yet made a fixed version available, leaving operators exposed. In the interim, security advice centers around mitigation and exposure reduction: disabling open user registration (which is enabled by default in many deployments), placing the service behind a private network or VPN, and restricting public access via IP allow-listing. Administrators are also urged to scan internal networks for susceptible Gogs instances and to check logs or repository listings for indicators of compromise. Given the way the vulnerability operates, even authenticated but low-privilege users — such as those signing up for accounts on publicly facing servers — can trigger the exploit, underscoring the importance of minimizing unnecessary access and public visibility.

      From a broader security lens, this situation highlights the risks inherent in self-hosted software services that combine web APIs with file system operations — especially when symbolic link handling is involved. It also illustrates how a fix for one serious remote code execution flaw can inadvertently leave a one-day bypass if the underlying logic isn’t thoroughly re-examined. Until a patch is issued and widely deployed, defenders must assume that any Gogs instance exposed to the internet is a potential entry point for compromise and act accordingly to contain the threat vector.

      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticleCritical GeminiJack Zero-Click Vulnerability in Google Gemini Enterprise Exposed Corporate Data
      Next Article Cyberattack At Aflac Exposes Personal Information Of 22.6 Million Individuals

      Related Posts

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Trump Takes Measured Approach to Winning the Quantum Race

      July 17, 2026

      U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

      July 17, 2026

      Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

      July 16, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      Safely Recycling an Old PC Starts With Protecting Your Data

      July 17, 2026

      Trump Takes Measured Approach to Winning the Quantum Race

      July 17, 2026

      U.N. Chief Renews Push for Global Ban on Autonomous AI Weapons

      July 17, 2026

      Aviation Industry Seeks to Rebrand “Drones” as Consumer and Passenger Flight Technologies

      July 16, 2026
      Popular Topics
      spotlight starlink Startup Tim Cook Satya Nadella Satellite Viral Samsung SpaceX Stocks Space Series B Series A Tesla Cybertruck Tesla trending UAE Tech Software Taiwan Tech Sundar Pichai
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.