Thousands of ColdFusion exploit attempts spotted during Christmas holiday
During the Christmas 2025 holiday, thousands of exploit attempts were detected targeting Adobe ColdFusion vulnerabilities. A single threat actor, operating from Japan-based infrastructure, was responsible for approximately 98% of the observed attack traffic, exploiting over 10 ColdFusion CVEs from 2023-2024.