VulnHub

A phone phishing attack has compromised a system at Harvard University, leading to the theft of sensitive information related to alumni, donors, students, and staff. This incident highlights the severity of social engineering attacks and their potential to affect a wide range of individuals associated with the institution.

The article highlights five vulnerabilities in the open-source tool Fluent Bit, which could lead to severe security issues such as path traversal attacks, remote code execution, denial-of-service, and tag manipulation. These flaws pose a significant risk to cloud services, potentially allowing attackers to take control of affected systems.

Palo Alto Networks has identified new malicious language models, WormGPT 4 and KawaiiGPT, that are being utilized by cybercriminals to enhance their phishing, malware development, and reconnaissance efforts. The rise of these dark LLMs represents a significant threat to cybersecurity, automating and streamlining various cybercrime activities.

The 'JackFix' attack represents a new variant of ClickFix, significantly increasing psychological pressure on targets while overcoming some of the existing technical mitigations against traditional ClickFix attacks. This escalation highlights the evolving nature of cybersecurity threats and the need for continuous adaptation in defense strategies.

The SitusAMC hack has resulted in the theft of sensitive corporate data, including accounting records and legal agreements, impacting major US banks. While the attack did not involve file-encrypting ransomware, the breach raises significant concerns about data security and the potential for misuse of the stolen information.

The Festo Compact Vision System and related products have critical vulnerabilities that could allow unauthorized access and modification of configuration files, with a CVSS score of up to 9.8. Users are urged to implement security measures to mitigate the risk of exploitation, as these vulnerabilities could severely impact device security and integrity.

The article discusses a vulnerability in Opto 22's groov View that allows for the exposure of sensitive information through metadata, potentially leading to credential and key exposure as well as privilege escalation. This vulnerability, assigned CVE-2025-13084, has a CVSS v4 score of 6.1 and affects multiple versions of groov View, necessitating immediate remediation to mitigate risks.

CISA has released seven advisories addressing security vulnerabilities in various Industrial Control Systems (ICS). These advisories highlight the need for users and administrators to review the technical details and implement mitigations to protect against potential exploits.

The Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share have critical vulnerabilities, specifically an Out-of-Bounds Write and a Heap-based Buffer Overflow, which could allow attackers to disclose information or execute arbitrary code. The vulnerabilities have a CVSS v4 score of 8.4, indicating a high severity level, and users are urged to update their software to mitigate risks.

The SiRcom SMART Alert (SiSA) system has a critical vulnerability due to missing authentication for critical functions, allowing unauthorized remote access to backend APIs. This could enable attackers to manipulate emergency sirens, posing a significant risk to public safety and critical infrastructure.

The Zenitel TCIV-3+ device has critical vulnerabilities, including OS Command Injection and Cross-site Scripting, with a CVSS v4 score of 10.0, indicating a severe risk of arbitrary code execution and denial-of-service. Users are strongly advised to upgrade to version 9.3.3.0 or later to mitigate these risks.

Rockwell Automation's Arena Simulation software has a stack-based buffer overflow vulnerability that could allow local attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-11918, has a CVSS v4 score of 7.1, indicating a significant risk for affected installations, particularly in critical manufacturing sectors.

The article highlights the imminent shift in cybersecurity as threat actors increasingly leverage AI for attacks by 2026, posing significant risks to security teams. This evolution in tactics necessitates urgent adaptations in security strategies to combat the sophisticated use of AI in cyber threats.