EPISODE · Nov 5, 2025 · 8 MIN
RadioCSIRT - Your Cybersecurity update for Wednesday, November 5, 2025 (Ep. 8)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
Welcome to your daily cybersecurity update 🕵️♂️🔥🌐 ICC — openDesk replaces Microsoft OfficeThe International Criminal Court announces its migration to the open-source suite openDesk, developed under Germany’s ZenDiS initiative. The goal is to strengthen digital sovereignty and reduce dependence on Microsoft solutions.🐧 Linux — The most critical kernel vulnerabilities of 2025The Linux kernel faces several critical vulnerabilities this year, including flaws that allow privilege escalation at kernel level. Virtualized and sandboxed systems are particularly at risk, with an urgent recommendation to patch immediately.🛡️ CISA — Two vulnerabilities added to the KEV catalogThe Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation. U.S. federal agencies must apply patches without delay — a measure extending to critical infrastructure operators.📦 cURL — Security policy bypassA major vulnerability affects cURL, enabling security policy bypasses on versions 7.69 through 8.x. CERT-FR recommends upgrading immediately to version 8.17.0 or higher.🧰 MISP — Multiple vulnerabilities prior to version 2.5.24Several security flaws — including XSS and policy bypass vulnerabilities — have been fixed in MISP 2.5.24. Unpatched instances may expose sensitive data and compromise data integrity.🔒 Absolute Secure Access — Denial of Service (CVE-2025-59595)A critical flaw can cause server crashes through specially crafted packets in specific configurations. The issue is fixed in version 14.12 and later.📵 United Kingdom — End of call spoofing by 2026British telecom operators will automatically block caller ID spoofing under the Telecoms Charter. The plan aims to curb fraud and strengthen the traceability of suspicious calls.💳 Eurojust — 18 arrests in global credit card fraudA coordinated operation across 19 countries has dismantled a criminal network responsible for laundering over €300 million. European authorities identified multiple fraudulent payment gateways used to process illicit funds.⚡️ Don’t think — just patch! 🚀📚 Sources:https://goodtech.info/cpi-abandonne-microsoft-opendesk/https://www.linuxjournal.com/content/most-critical-linux-kernel-breaches-2025-so-farhttps://www.cisa.gov/news-events/alerts/2025/11/04/cisa-adds-two-known-exploited-vulnerabilities-cataloghttps://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0964/http://cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0965/https://cvefeed.io/vuln/detail/CVE-2025-59595https://www.bleepingcomputer.com/news/security/uk-carriers-to-block-spoofed-phone-numbers-in-fraud-crackdown/https://www.eurojust.europa.eu/news/eurojust-coordinates-major-operation-against-eur-300-million-global-credit-card-fraud-18📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.com📰 radiocsirtintl.substack.com#CyberSecurity #openDesk #Linux #CISA #cURL #MISP #Absolute #MISP #TelecomsCharter #Eurojust #CERT #SOC #CTI #RadioCSIRT 🎧🔥
NOW PLAYING
RadioCSIRT - Your Cybersecurity update for Wednesday, November 5, 2025 (Ep. 8)
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·143m
Mar 24, 2026 ·88m
Feb 27, 2025 ·73m