CyberNews: 07/10/2025 Edition

Published by Dunateo on 2025-10-07

Today’s roundup

  • 13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
  • Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
  • Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
  • CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
  • New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
  • XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
  • U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog
  • Discord Reveals Data Breach Following Third-Party Compromise
  • New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
  • Medusa ransomware used during exploitation of GoAnywhere file transfer bug, Microsoft says

Summary

    A critical Redis vulnerability (CVE-2025-49844, CVSS 10.0) enables remote code execution via manipulated Lua scripts. Microsoft attributes exploitation of CVE-2025-10035 in Fortra GoAnywhere to Storm-1175, which deployed Medusa ransomware. The Cl0p ransomware group is exploiting the Oracle EBS zero-day CVE-2025-61882 for unauthenticated RCE, with first exploitation on August 9; CISA mandates federal patching by October 27. AI has emerged as the primary enterprise data exfiltration vector, per LayerX research. XWorm 6.0 malware has evolved with 35+ plugins for enhanced credential theft. Discord confirms a third-party breach exposing user support data, including IPs and messages. Chinese entities BIETA and CIII are linked to MSS cyber operations via personnel ties. U.S. CISA adds seven critical flaws to its Known Exploited Vulnerabilities catalog, including Oracle EBS and Linux kernel bugs.

    Want to dig deeper?

    Vulnerabilities

    CVE-2025-49844 High
    CVE-2025-61882 Critical
    CVE-2025-10035 Critical