Gogs 0-Day Exploited in the Wild

ID: de1d4ff5-0659-5286-8220-4a70d17a0a69

STIX ID: report--de1d4ff5-0659-5286-8220-4a70d17a0a69

Feed Name: Wiz Blog

Threat Score: 90/100

Date Published: 2025-12-10

Date Updated: 2026-05-01

**Wiz Research discovered an active zero-day (CVE-2025-8110) in Gogs that bypasses a prior RCE fix via symlink abuse, enabling authenticated repository creators to overwrite files outside repos and achieve remote code execution. The flaw is actively exploited in the wild across hundreds of internet-exposed instances, with Supershell-based malware and identified C2/IP indicators observed. No upstream patch was available as of the report date.**
