CrowdStrike Falcon Blocks Git Exploit in Active Attack

CrowdStrike has detected active exploitation of the Git vulnerability identified as CVE-2025-48384. The company reported that its security platform, CrowdStrike Falcon, blocks Git-based attacks by stopping threat actors who use deceptive social engineering techniques alongside compromised repositories. This campaign targets developers by luring them into cloning malicious Git projects, which then trigger the exploit.

According to CrowdStrike, the attackers crafted repositories designed to exploit the vulnerability during routine development workflows. CrowdStrike Falcon blocks Git repository threats by identifying and halting malicious payloads before execution. This proactive defense helped prevent potential compromise across affected systems.

In addition to CVE-2025-48384, the company is also monitoring CVE-2025-61882, another emerging vulnerability. Security teams are urged to stay vigilant and monitor activity related to these threats, which may evolve as attackers refine their methods.

To learn more about CrowdStrike’s findings and recommendations, read the full article at
https://www.crowdstrike.com/en-us/blog/crowdstrike-falcon-blocks-git-vulnerability-cve-2025-48384/