EPISODE · Oct 31, 2025 · 7 MIN
RadioCSIRT English Version, Your Daily Cyber Security News, Oct 31, 2025 - (Ep.3)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
🎧🎃 RadioCSIRT — Welcome to Your Daily Cybersecurity Briefing 💀⚡️🧟 VMware Tools — Actively Exploited by a Chinese GroupCISA has ordered U.S. federal agencies to patch vulnerability CVE-2025-41244, which allows local privilege escalation on VMware Aria Operations and VMware Tools virtual machines. The flaw has been exploited since October 2024 by the UNC5174 threat group.🕸️ XWiki Platform — Critical Injection (CVE-2025-24893)A critical injection vulnerability in the SolrSearch function allows unauthenticated remote code execution. Rated CVSS 9.8, this flaw is under active exploitation. Fixes are available in versions 15.10.11, 16.4.1, and 16.5.0RC1.🦇 UNC6384 — Diplomatic Espionage in EuropeDiplomatic entities in Belgium and Hungary were targeted by the Chinese APT UNC6384 via malicious emails. The attackers used the PlugX malware and exploited a Windows vulnerability disclosed in March 2025. Their goal: monitor NATO and EU diplomatic discussions.🧛 Airstalk — New .NET and PowerShell Malware StrainUnit 42 has identified a new malware dubbed Airstalk, likely used in a state-sponsored supply chain attack. It hijacks the AirWatch/Workspace ONE API to establish a hidden C2 channel, exfiltrating cookies, browsing history, and screenshots.🕷️ Personalized Scams — Exploiting Digital FingerprintsScammers are increasingly leveraging publicly available social media data to craft personalized attack vectors. Malwarebytes researchers describe techniques ranging from AI-cloned voices to geolocated fake profiles and data-driven impersonation campaigns.🧙 Microsoft & NSA — Exchange Server Hardening GuideCISA and the NSA have released a joint international guide for securing on-premises Exchange servers. It focuses on three pillars: strengthening authentication, encrypting network communications, and reducing the attack surface to prevent persistent compromises.⚡️ Don’t think, just patch! 🎃📚 Sources:https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-vmware-tools-flaw-exploited-since-october-2024/https://cybersecuritynews.com/xwiki-platform-injection-vulnerability-exploited/https://therecord.media/belgium-hungary-diplomatic-entities-hacked-unc6384https://unit42.paloaltonetworks.com/new-windows-based-malware-family-airstalk/https://www.malwarebytes.com/blog/inside-malwarebytes/2025/10/how-scammers-use-your-data-to-create-personalized-tricks-that-workhttps://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.com📰 radiocsirtinl.substack.com#CyberSecurity #VMware #UNC5174 #XWiki #Airstalk #UNC6384 #Exchange #Malwarebytes #RadioCSIRT #Halloween #Infosec 🎃👻
NOW PLAYING
RadioCSIRT English Version, Your Daily Cyber Security News, Oct 31, 2025 - (Ep.3)
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·143m
Mar 24, 2026 ·88m
Feb 27, 2025 ·73m