CyberNews: 13/09/2025 Edition
Today’s roundup
Summary
The FBI issued an alert on September 13, 2025, warning of UNC6040 and UNC6395 exploiting Salesforce platforms via varied initial access methods to conduct data theft and extortion campaigns.
Samsung patched CVE-2025-21043, a critical Android zero-day vulnerability (CVSS 8.8) allowing arbitrary code execution, exploited in attacks prior to its September 2025 patch.
Apple alerted French users to a fourth 2025 spyware campaign on September 3, confirmed by CERT-FR, targeting devices linked to iCloud accounts.
Cisco addressed high-severity IOS XR flaws, including CVE-2025-20340 enabling DoS via ARP storms (CVSS 7.4) and CVE-2025-20248 allowing ISO image signature bypass, in its September 10 advisory.
A suspected Chinese APT deployed new malware dubbed 'EggStreme' in a Philippine military contractor’s network for espionage.
Vietnam’s credit bureau and Panama’s finance ministry experienced data breaches claimed by cybercrime groups, exposing citizen data.