Overview
Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that's consistent with the exploitation of CVE-2025-32975 on unpatched SMA systems exposed to the internet.
Vulnerability Details
- CVE-2025-32975: Referenced in source reporting from thehackernews.
Organisations Involved
The following organisations are mentioned in relation to this incident: Arctic Wolf, Hackers Exploit, Hijack Unpatched Quest, Systems
Threat, Systems Management Appliance.
Sources: thehackernews. Aggregated by Cybernews Agency pipeline.