1. Microsoft SharePoint Exploited: 400+ Orgs Breached
APT Group: Warlock (Black Basta lineage)
- CVE exploited: Unpatched SharePoint RCE (TBD)
- Victims include: U.S. Nuclear Agency, Government Orgs
- TTPs: Lateral movement, persistence post-patching
- ⚠️ High persistence risk even after patching
2. Windows CLFS Zero-Day: CVE-2025-29824
Used by Storm-2460 to drop PipeMagic ransomware
- Affected component: CLFS.sys (Kernel)
- Impact: Privilege Escalation → Full ransomware deployment
- Regions hit: United States, Spain, Saudi Arabia, Venezuela (🇺🇸 🇪🇸 🇸🇦 🇻🇪)
- Patch Available: URGENT update required
3. Critical FortiWeb SQL Injection (CVE-2025-25257)
Unauthenticated SQL Injection flaw
- Allows: Full control over WAF appliances
- Exploit PoC now public
- Attackers exploiting vulnerable FortiWeb instances globally
- Vendor advisory: Fortinet Security Center
4. AI Tool Infrastructure Zero-Day
Privacy threat in popular coding assistant backend
- Allows: Harvesting of user emails
- Phishing risk: High
- Impact: AI developers, open-source projects
- Remediation: Limit LLM API access & monitor outgoing traffic
5. WormGPT Clones Generate Polymorphic Malware
Malware re-coded on demand in: Python, PowerShell, Bash
- Adapts to evade: YARA, EDR, Sandboxes
- Delivery: Phishing, loaders, GitHub links
- Used by: APT, ransomware crews, and darknet services
6. SAP Zero-Day (CVE-2025-31324) in Visual Composer
CVSS: 10.0 β Critical
- Allows: Unauthenticated file upload β Full system compromise
- Exploited in the wild
- CISA has listed it as a Known Exploited Vulnerability (KEV)
7. Google Chrome Zero-Days: CVE-2025-6554 & CVE-2025-6558
Exploited in the wild targeting Chromium-based browsers
- Patch released urgently
- Affects: Chrome, Edge, Brave, Opera
- Delivery vectors: Malvertising, infected extensions
8. Telecom Orange Hacked: Data Exposure Suspected
- Incident ongoing
- Early reports: Data breach, internal disruption
- Details expected from CERT-FR
- Attack type: Likely supply-chain compromise
Analysis
We're seeing a steep spike in zero-days targeting:
- Collaboration platforms (SharePoint, SAP)
- Critical infrastructure (Telecom, Gov)
- Browser attack surfaces
- AI development environments
“Modern cyberattacks don't just break in, they blend in.” (CyberDudeBivash)
Recommendations
- ✅ Patch all major software: Chrome, SharePoint, FortiWeb, Windows
- ✅ Harden AI environments (monitor LLM API & plugins)
- ✅ Implement memory-based EDRs with AI-malware detection
- ✅ Train SOC teams on polymorphic AI-generated malware
Share & Spread Awareness
Full Blog: cyberdudebivash.com
Google Blog: cyberbivash.blogspot.com
LinkedIn: @CyberDudeBivash