Daily Recap: Researchers disclosed a 13-year-old Redis vulnerability (CVE-2025-49844) that could allow Lua sandbox escapes and native code execution, impacting about 330,000 instances. This round of patches also covers a misconfigured OpenSSL file in Zabbix Agent, Unity CVE-2025-59489, Y2K38 time-manipulation risks, and Microsoft tightening Windows 11 setup flows, alongside a Copilot bug in Office apps.
#Redis #Unity #Zabbix-Agent #Y2K38 #Windows11 #Copilot
Vulnerabilities & Patches
- Researchers disclosed a 13-year-old Redis vulnerability (CVE-2025-49844) that lets attackers escape the Lua sandbox and execute native code, impacting nearly 330,000 instances [Redis Flaw]
- A misconfigured OpenSSL file in Zabbix Agent for Windows (CVE-2025-27237) can allow local attackers to escalate to SYSTEM; update immediately [Zabbix Agent]
- A critical Unity vulnerability (CVE-2025-59489) permits arbitrary code execution via malicious command-line arguments and prompted coordinated fixes from Microsoft, Steam and Unity [Unity Bug]
- Researchers warn the Y2K38 issue is exploitable today through time manipulation, posing risks to critical infrastructure and connected devices [Y2K38 Bug]
- Microsoft removed installer tricks that allowed skipping Microsoft Account setup in Windows 11 to enforce secure device configuration [Win11 Setup]
- Microsoft is fixing a bug that causes Copilot and other Office features to fail when multiple Office apps run, resulting in Outlook crashes and related issues [Copilot Bug]
Exploits & Ransomware
- A deserialization zero-day in Fortra GoAnywhere MFT (CVE-2025-10035) has been exploited by Storm-1175 to deploy Medusa ransomware across hundreds of organizations; urgent patching and monitoring advised [GoAnywhere Zero-day]
- Actor Cl0p (Graceful Spider) is exploiting Oracle E-Business Suite (CVE-2025-61882) to upload web shells and extort victims, prompting FBI and UK patch alerts; apply vendor fixes now [Oracle EBS]
APTs & Malware Campaigns
- Modular malware XWorm 6.0 resurfaced with over 35 plugins and expanded data-theft features, keeping it a persistent global threat [XWorm 6.0]
- A Chinese APT used fake Cloudflare lures to spear-phish European government and aviation targets and deliver PlugX for espionage operations [PlugX Campaign]
- APT SideWinder launched "Operation SouthNet," abusing Netlify/Pages.dev to steal credentials and conduct maritime and government espionage across South Asia [SouthNet Ops]
- Scattered Spider has evolved into an insider-powered access market targeting firms like Microsoft and Apple, monetizing insider access and extortion schemes [Scattered Spider]
- Investigations link Beijing institute BIETA to the MSS, alleging work on steganography and malware that supports Chinese intelligence cyber operations [BIETA Links]
- A new WhatsApp-based campaign in Brazil spreads Sorvepotel, delivering banking trojans to government and business targets via infected contacts [Sorvepotel]
Data Breaches & Incidents
- Hackers stole support tickets and sensitive user data from a third-party provider used by Discord, including IDs and messages, and tried to extort the company [Discord Breach]
- ShinyHunters has escalated an extortion campaign against Red Hat, leaking samples of stolen customer reports as pressure to pay ransom increases [Red Hat Breach]
- Public-safety firm BK Technologies reported an intrusion exposing employee data with minor operational impact and most costs covered by insurance [BK Technologies]
- Jaguar Land Rover is restarting global production after a cyberattack that halted manufacturing, supported by government-backed loans to stabilize operations [JLR Restart]
AI, Research & Events
- New research shows AI is already the top enterprise data-exfiltration channel, surpassing shadow SaaS, and calls for immediate AI governance and controls [AI Exfil]
- AI-powered Breach and Attack Simulation platforms convert threat intel into validated attack runs to prioritize fixes and demonstrate measurable ROI to leadership [AI BAS]
- Experts outline 5 critical questions organizations must ask before adopting AI-SPM solutions to secure AI pipelines, data, and compliance posture [AI Security]
- The Zeroday Cloud hacking contest offers $4.5 million in bounties for bugs in open-source cloud and AI stacks to harden critical projects [Zeroday Cloud]
Funding & M&A
- French threat-prevention startup Filigran closed a $58 million Series C to expand globally and scale products like OpenCTI/OpenBAS [Filigran $58M]
- September 2025 saw 40 cybersecurity M&A deals as the sector continues consolidation following 405 deals in 2024, highlighting interest in AI, identity, and IoT security [M&A Roundup]
Policy & Telecom
- Russia is enforcing 24-hour mobile internet blocks for foreign SIM users citing drone threats, risking travel and cross-border business connectivity [Russia SIM Block]
- The Signal Foundation warned it will leave the EU market if forced to comply with proposed "Chat Control" mass-scanning rules that undermine end-to-end encryption and privacy [Chat Control]