Cybersecurity News | Daily Recap [06 Oct 2025]

Daily Recap: Oracle EBS and Zimbra face critical zero-days, actively exploited by Cl0p and by attackers targeting the Brazilian military, prompting urgent patches and monitoring. AI-driven defenses and cloud/CI/CD hardening continue as new threats emerge, including Unity flaws, Salesforce extortion, and XWorm expansions, with ongoing emphasis on rapid remediation and threat intel sharing. #CVE-2025-61882 #CVE-2025-27915 #Cl0p #UnityFlaw #Lapsus$ #ScatteredSpider #ShinyHunters #Salesforce #XWorm

Critical Zero-days

  • Oracle issues emergency patches for a critical zero-day CVE-2025-61882 in Oracle E-Business Suite being actively exploited by Cl0p for unauthenticated remote code execution and data theft; urgent patching recommended – Oracle EBS
  • A zero-day CVE-2025-27915 in Zimbra was exploited to target the Brazilian military using malicious ICS files that executed JavaScript for credential theft and email redirection – Zimbra Zero-day

Platform Flaws

  • A critical Unity engine vulnerability allows remote code execution and privilege escalation across Android, Windows, and Linux, prompting developer advisories and urgent updates from Valve and Microsoft – Unity Flaw
  • U.S. CISA added multiple high-risk flaws (including Bash, Jenkins, Samsung, Juniper ScreenOS, and Smartbedded Meteobridge) to its Known Exploited Vulnerabilities catalog, urging immediate remediation – Known Exploited

Malware

  • New variants of the XWorm backdoor have resurfaced via phishing with a new ransomware module and support for over 35 plugins enabling data theft, remote control, and encryption – XWorm Return

Breaches & Extortion

  • A threat actor group claiming ties to Lapsus$, Scattered Spider, and ShinyHunters is extorting Salesforce after stealing data from dozens of customers and threatening leaks unless paid – Salesforce Extortion
  • A data breach at Florida radiology practice Doctors Imaging Group exposed records of over 171,000 individuals, with the investigation completed and authorities notified – Doctors Imaging
  • Event app Partiful leaked GPS location data via photo metadata (EXIF) on user-uploaded images; the company says the issue is fixed but privacy concerns remain – Partiful Leak

Cloud Security

  • Research shows weaponizing AWS X-Ray as a covert command-and-control channel can bypass traditional detection, outlining attack flow and tooling for stealthy cloud C2 operations – Ghost in Cloud
  • Wiz launched Zeroday.Cloud, a cloud hacking competition offering $4.5 million in bounties for exploits in cloud/virtualization software (AI, Kubernetes, web servers, DBs) in partnership with major cloud providers – Zeroday Cloud

AI & Threat Research

  • AI is increasingly integrated into cybersecurity workflows with vendors like Wazuh adding AI-driven insights, vulnerability profiling, and threat-hunting features to speed detection and response – AI in Security
  • Weekly threat research roundup highlights abuse across messaging/social platforms, ransomware/extortion trends (e.g., Yurei, FunkLocker), notable APT activity (e.g., Lazarus, Phantom Taurus), Linux threats, and tooling guidance for hunting and intel ops – Weekly Recap

Cybersecurity News | Daily Recap – hendryadrian.com