CyberNews: 01/10/2025 Edition
Today’s roundup
Summary
Academics demonstrated WireTap, a DDR4 memory-bus interposer attack extracting Intel SGX ECDSA keys, bypassing hardware security. OneLogin disclosed CVE-2025-59363, allowing API-key abuse to steal OIDC client secrets (CVSS 7.7). Red Hat OpenShift AI patched a critical flaw enabling infrastructure takeover via privilege escalation. Threat actors have been hijacking Milesight industrial routers in Europe since February 2022 to send SMS phishing links via API abuse. The Klopatra Android RAT infected 3,000+ devices using hidden VNC for financial fraud. Ukraine's CERT-UA attributed CABINETRAT XLL attacks to UAC-0245, an APT targeting government entities. Researchers revealed Battering RAM, a $50 tool bypassing Intel/AMD cloud memory encryption via modified RAM modules. Palo Alto warned that China-aligned Phantom Taurus has been targeting ministries of foreign affairs (MFAs), embassies, and military ops since 2023. Apple patched CVE-2025-43400, an out-of-bounds write flaw in FontParser enabling denial-of-service and code execution. Check Point detailed Rhadamanthys 0.9.2 updates including Lumma-style anti-analysis checks, custom binary formats, and expanded credential theft via Chromium fingerprinting JS modules.
Vulnerabilities
CVE | Severity
CVE-2025-59363 | High
CVE-2025-43400 | Medium