RadioCSIRT English Version, Your Daily Cyber Security News, Oct 31, 2025 -  (Ep.3) episode artwork

EPISODE · Oct 31, 2025 · 7 MIN

RadioCSIRT English Version, Your Daily Cyber Security News, Oct 31, 2025 - (Ep.3)

from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ

🎧🎃 RadioCSIRT — Welcome to Your Daily Cybersecurity Briefing 💀⚡️🧟 VMware Tools — Actively Exploited by a Chinese GroupCISA has ordered U.S. federal agencies to patch vulnerability CVE-2025-41244, which allows local privilege escalation on VMware Aria Operations and VMware Tools virtual machines. The flaw has been exploited since October 2024 by the UNC5174 threat group.🕸️ XWiki Platform — Critical Injection (CVE-2025-24893)A critical injection vulnerability in the SolrSearch function allows unauthenticated remote code execution. Rated CVSS 9.8, this flaw is under active exploitation. Fixes are available in versions 15.10.11, 16.4.1, and 16.5.0RC1.🦇 UNC6384 — Diplomatic Espionage in EuropeDiplomatic entities in Belgium and Hungary were targeted by the Chinese APT UNC6384 via malicious emails. The attackers used the PlugX malware and exploited a Windows vulnerability disclosed in March 2025. Their goal: monitor NATO and EU diplomatic discussions.🧛 Airstalk — New .NET and PowerShell Malware StrainUnit 42 has identified a new malware dubbed Airstalk, likely used in a state-sponsored supply chain attack. It hijacks the AirWatch/Workspace ONE API to establish a hidden C2 channel, exfiltrating cookies, browsing history, and screenshots.🕷️ Personalized Scams — Exploiting Digital FingerprintsScammers are increasingly leveraging publicly available social media data to craft personalized attack vectors. Malwarebytes researchers describe techniques ranging from AI-cloned voices to geolocated fake profiles and data-driven impersonation campaigns.🧙 Microsoft & NSA — Exchange Server Hardening GuideCISA and the NSA have released a joint international guide for securing on-premises Exchange servers. It focuses on three pillars: strengthening authentication, encrypting network communications, and reducing the attack surface to prevent persistent compromises.⚡️ Don’t think, just patch! 🎃📚 Sources:https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-vmware-tools-flaw-exploited-since-october-2024/https://cybersecuritynews.com/xwiki-platform-injection-vulnerability-exploited/https://therecord.media/belgium-hungary-diplomatic-entities-hacked-unc6384https://unit42.paloaltonetworks.com/new-windows-based-malware-family-airstalk/https://www.malwarebytes.com/blog/inside-malwarebytes/2025/10/how-scammers-use-your-data-to-create-personalized-tricks-that-workhttps://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.com📰 radiocsirtinl.substack.com#CyberSecurity #VMware #UNC5174 #XWiki #Airstalk #UNC6384 #Exchange #Malwarebytes #RadioCSIRT #Halloween #Infosec 🎃👻

NOW PLAYING

RadioCSIRT English Version, Your Daily Cyber Security News, Oct 31, 2025 - (Ep.3)

0:00 7:27

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Al-Quran In English Dr. Soha The complete Quran translation in English, Narrated by Dr. Soha. Hosted on Acast. See acast.com/privacy for more information. The Hobbit by J. R. R. Tolkien Audiobook Raghvendra Singh The journey through Middle-earth begins here with J.R.R. Tolkien's classic prelude to his Lord of the Rings trilogy.“A glorious account of a magnificent adventure, filled with suspense and seasoned with a quiet humor that is irresistible... All those, young or old, who love a fine adventurous tale, beautifully told, will take The Hobbit to their hearts.”—The New York Times Book Review"In a hole in the ground there lived a hobbit." So begins one of the most beloved and delightful tales in the English language—Tolkien's prelude to The Lord of the Rings. Set in the imaginary world of Middle-earth, at once a classic myth and a modern fairy tale, The Hobbit is one of literature's most enduring and well-loved novels.Bilbo Baggins is a hobbit who enjoys a comfortable, unambitious life, rarely traveling any farther than his pantry or cellar. But his contentment is disturbed when the wizard Gandalf and a company of dwarves arrive on his doorstep one day to whisk him away CLO Level 3 Lessons Chinese Learn Online (CLO) Learn Mandarin Chinese with our unique structured immersion course. Each lesson continues where the previous one left off. Level 1 lessons are conducted mainly in English. Later levels in the course will be conducted in Chinese that was taught in earlier levels. Learn English with the British Council and Premier League Jack Radford

Frequently Asked Questions

How long is this episode of RadioCSIRT - English Edition?

This episode is 7 minutes long.

When was this RadioCSIRT - English Edition episode published?

This episode was published on October 31, 2025.

What is this episode about?

🎧🎃 RadioCSIRT — Welcome to Your Daily Cybersecurity Briefing 💀⚡️🧟 VMware Tools — Actively Exploited by a Chinese GroupCISA has ordered U.S. federal agencies to patch vulnerability CVE-2025-41244, which allows local privilege escalation on VMware...

Can I download this RadioCSIRT - English Edition episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!