Piece of news of the day
ADVANCED SECURITY EUROPA
EOODUnveiling the Weaver E-cology Exploitation: How Attackers Are Leveraging CVE-2026-22679
05 May 2026Hackers have been exploiting a critical vulnerability in the Weaver E-cology office automation software since mid-March, allowing them to run discovery commands.
The attacks began shortly after the software vendor released a security update to address the issue but before publicly disclosing it.
The vulnerable software is primarily used by Chinese organizations for office automation and collaboration.
The flaw (CVE-2026-22679) allows unauthenticated remote code execution due to an exposed debug API endpoint.
Attackers attempted various methods to exploit the vulnerability, including PowerShell-based payload downloads, but were ultimately unsuccessful in establishing a persistent session on the targeted host.
Users of Weaver E-cology 10.0 are advised to apply the security updates provided by the vendor to protect against these attacks.
