

Source: CVE Trend
🐰Trending vulnerability
 UNRATED   CVE‑2025‑20282
Published: 2025-06-25  Updated: 2025-06-26

🥕🥕🥕⚪⚪⚪⚪⚪⚪⚪ (32%)
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due to a lack of file ..


Source: NIST
🐰NIST
 HIGH   CVE‑2025‑6381
Published: 2025-06-28  Updated: 2025-06-28

The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_remove_temp_file() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover.

 HIGH   CVE‑2025‑6379
Published: 2025-06-28  Updated: 2025-06-28

The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_live_fn() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover.


🐰News
darkreading
'CitrixBleed 2' Shows Signs of Active Exploitation
If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected. (darkreading)


Security Affairs
APT42 impersonates cyber professionals to phish Israeli academics and journalists
Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm) is targeting Israeli [...] (Security Affairs)


The Hacker News
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a [...] (The Hacker News)


darkreading
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system. (darkreading)


Security Affairs
OneClik APT campaign targets energy sector with stealthy backdoors
A OneClik campaign, likely carried out by a China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting the energy, oil, and gas [...] (Security Affairs)


The Hacker News
PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians' [...] (The Hacker News)


Unsourced
MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge
GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks (Unsourced)


darkreading
Vulnerability Debt: How Do You Put a Price on What to Fix?
Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture. (darkreading)


darkreading
Top Apple, Google VPN Apps May Help China Spy on Users
Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers allege. (darkreading)


darkreading
US Falling Behind China in Exploit Production
Cyber operations have become critical to national security, but the United States has fallen behind in one significant area -- exploit production -- while China has built up a significant lead. (darkreading)



Source: Hybrid Analysis
🐰Top malicious URL


Source: Hybrid Analysis
🐰Top malicious files


Security Rabbits Copyright © 2025 Flo BI. All rights reserved.