CyberNews: 18/09/2025 Edition

Published by Dunateo on 2025-09-18

Today’s roundup

  • Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions
  • TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
  • Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
  • Jaguar Land Rover will extend its production halt into a third week following a cyberattack
  • Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution
  • TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges
  • China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
  • FileFix Campaign Using Steganography and Multistage Payloads
Summary

Google urgently patched an actively exploited zero-day vulnerability (CVE-2025-10585) in Chrome's V8 engine, warning of severe type confusion risks. TA558/RevengeHotels targeted Brazilian hotels with AI-crafted phishing emails deploying Venom RAT, per Kaspersky. Microsoft and Cloudflare dismantled RaccoonO365 PhaaS infrastructure, seizing 338 domains used to steal 5,000+ Microsoft credentials globally. Jaguar Land Rover extended its production shutdown to September 24 after a cyberattack by Scattered Lapsus$ Hunters, costing £50M/week in losses and confirming data exposure. Three critical CVEs (CVE-2025-17001 - 17003) in Chaos-Mesh allow cluster-level code execution even in default configurations. A TaskUs employee allegedly sold Coinbase breach data at $200/record before arrest. Proofpoint reported APT41 impersonated a US lawmaker in sophisticated phishing campaigns leveraging VS Code tunnels for economic espionage. The FileFix campaign employed steganography to hide malicious PowerShell scripts in JPGs via multilingual phishing.

Want to dig deeper?

Vulnerabilities

  • CVE-2025-10585 High
  • CVE-2025-17001 Critical