Bivash Nayak
30 Jul

🛑 1. Microsoft SharePoint Ransomware Wave — 400+ Systems Affected

A new zero-day vulnerability exploited in on-prem SharePoint servers has led to a widespread ransomware campaign. Over 400 organizations, including U.S. federal entities such as the National Nuclear Security Administration, are impacted. Attackers linked to the Warlock (Black Basta-derived) group are using stolen machine keys to maintain access—even after patching.


⚠️ 2. Google Chrome Zero-Day (CVE‑2025‑6554 / 6558) Under Active Exploitation

Google has issued a timely patch for Chrome zero-day CVE‑2025‑6554, with confirmed exploitation in the wild. This is the fourth Chrome zero-day of 2025, and users of Chromium-based browsers (Edge, Brave, Opera) are urged to patch immediately.



📡 3. Critical FortiWeb SQL Injection Vulnerability (CVE‑2025‑25257) Now Public

An unauthenticated SQLi flaw in Fortinet’s web application firewall has been publicly disclosed—with a proof-of-concept exploit circulating. Attackers could gain full control over vulnerable FortiWeb appliances.


🧩 4. Windows CLFS Zero-Day (CVE‑2025‑29824) Exploited by Storm‑2460

Microsoft has flagged a zero-day in the Common Log File System (CLFS) kernel driver—used by the Storm‑2460 group to escalate privileges and deliver ransomware via PipeMagic malware, affecting targets in the U.S., Spain, Saudi Arabia, and Venezuela. 


⚙️ 5. Cisco ISE Exploitation Attempts Detected

Cisco PSIRT warns of ongoing attempts exploiting unknown vulnerabilities in Cisco Identity Services Engine (ISE). A compromised ISE instance could allow attackers to bypass NAC policies and gain broad network access. 


🧫 6. SAP Zero‑Day (CVE‑2025‑31324) Fully Exploited in the Wild

A CVSS 10.0 zero-day in SAP Visual Composer (CVE‑2025‑31324) has been confirmed to be actively exploited by threat groups. The critical flaw allows unauthenticated users to upload arbitrary files, leading to full system compromise. CISA added it to the Known-Exploited Vulnerabilities catalog. (Source: onapsis.com)


🧠 7. AI Tool Infrastructure Zero-Day — Privacy Risk Disclosed

Researchers have discovered a zero-day vulnerability in infrastructure supporting popular AI coding tools. Exploitation allows automated harvesting of user email addresses, posing serious privacy and phishing risks. (Source: social.cyware.com)


🔐 What’s the Impact?

  • Ransomware remains the dominant threat vector, leveraging unpatched zero-days in Microsoft and network appliances.
  • Browser and SaaS platforms continue to be exploited at scale; patching is critical.
  • Enterprise backends (SAP, Cisco NAC) are now primary attack surfaces—not just end-user systems.
  • AI-infused platforms are exposing new personal data risks—requiring alert governance.

✅ Action Checklist for CyberDudeBivash Audience

| Threat Area | Recommended Action |
|---|---|
| SharePoint Servers | Apply latest patches, rotate machine keys, audit post-patch persistence |
| Google Chrome & Edge | Update to latest version immediately |
| FortiWeb Appliances | Patch and restrict admin access; monitor WAF logs |
| CLFS Zero-Day (Windows) | Ensure devices are updated; watch for PipeMagic behavior |
| Cisco ISE Infrastructure | Review logs; update firmware; limit NAC exposure |
| SAP Visual Composer Servers | Apply emergency patch; scan for rogue users/scripts |
| AI Tool Ecosystems | Monitor logs, restrict access, and isolate sensitive data |

