TP-Link has addressed a serious vulnerability in its VIGI C and VIGI InSight camera models that allowed remote access to surveillance systems. This flaw, identified as CVE-2026-0629, has a CVSS score of 8.7, indicating high severity. Over 32 models were affected, with more than 2,500 devices exposed to the internet and potentially at risk of being hacked. Attackers could exploit this vulnerability to bypass local network restrictions, putting users' security and privacy in jeopardy. The fix for this issue is crucial for ensuring the safety of surveillance operations for both businesses and individuals who rely on these cameras.
Articles tagged "Vulnerability"
Found 331 articles
Infosecurity Magazine
Researchers have identified three vulnerabilities in Anthropic's Git server for the Model Context Protocol (MCP) that can be exploited through prompt injection. This type of attack allows malicious actors to manipulate input prompts, potentially leading to unauthorized actions or data exposure. The vulnerabilities pose a risk to users of the MCP server, as they could be exploited if left unaddressed. It’s crucial for organizations using this Git server to remain vigilant and apply necessary updates to mitigate these risks. The disclosure of these vulnerabilities serves as a reminder of the ongoing security challenges in software development environments.
SCM feed for Latest
The article discusses several key cybersecurity issues, including the MongoBleed vulnerability, which affected MongoDB databases by allowing unauthorized access to sensitive data. Researchers pointed out that this incident serves as a reminder for developers to adhere to secure coding practices. The article also references the CWE Top 25, a list of common vulnerabilities that developers should be aware of, emphasizing the importance of addressing these weaknesses in software. Additionally, it touches on secure coding benchmarks that can help prevent such vulnerabilities in the future. Overall, the piece stresses the need for ongoing education and vigilance in software development to protect against these threats.
A vulnerability affecting TP-Link's VIGI cameras has been patched after a researcher identified over 2,500 devices that were exposed to potential remote hacking. This flaw allowed unauthorized access to the cameras, raising serious security concerns for users. The issue underscores the risks associated with Internet of Things (IoT) devices, which are often targeted due to their connectivity and sometimes weak security measures. Users of VIGI cameras should ensure they apply the latest updates from TP-Link to protect their devices from exploitation. This incident serves as a reminder for all IoT device owners to regularly check for firmware updates and vulnerabilities.
Researchers have identified a cross-site scripting (XSS) vulnerability in the control panel of StealC malware, an infostealer that has been operating since at least 2023. This malware, which is sold as a service, targets and extracts sensitive information like cookies and passwords from victims. The flaw in the control panel has exposed important details about the attackers behind the malware, raising concerns about the ongoing threat to users' data security. Since its update to StealC v2 in 2025, the malware has continued to pose risks to individuals and organizations alike. The discovery emphasizes the need for vigilance against such malware, as the information leak could lead to further malicious activities by the attackers.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Researchers at Miggo Security discovered a vulnerability in Google Gemini that allows attackers to exploit calendar invites to extract private user data. This flaw enables a silent attack method, where the malicious actor can trick the AI into leaking sensitive information without raising alarms. The implications of this vulnerability are significant, as it could compromise users' personal schedules and confidential details stored within their calendar apps. Google users relying on Gemini for scheduling and other functions may be particularly at risk. It's crucial for users and organizations to be aware of this issue and take necessary precautions to safeguard their data.
Infosecurity Magazine
CyberArk has reported that it successfully exploited a vulnerability in the StealC infostealer malware to gather intelligence. This malware is known for stealing sensitive information from infected systems, which can include login credentials, financial data, and personal information. By exploiting the flaw, researchers were able to collect evidence that can help understand how the malware operates and how it might be mitigated. This incident underscores the ongoing challenges posed by infostealers and the need for organizations to remain vigilant against such threats. Users and companies should ensure their systems are updated and monitor for signs of compromise, as infostealers like StealC can have serious implications for data security.
Researchers have identified a cross-site scripting (XSS) vulnerability in the control panel of StealC, a malware used for stealing information. This flaw allowed the researchers to monitor the activities of the threat actor behind the malware, including capturing system fingerprints and tracking active sessions. The discovery is significant as it provides a rare glimpse into the operations of cybercriminals who utilize this malware. Understanding how these operators function can aid in developing better defenses against such threats. As StealC continues to be a tool for attackers, this vulnerability highlights the ongoing risks associated with information-stealing malware.
SCM feed for Latest
A recent report from Infosecurity Magazine indicates that industrial technology environments are facing a significant surge in cyberattacks. The number of incidents has doubled, particularly targeting vulnerabilities in industrial control systems. This increase poses serious risks for industries reliant on these systems, as attackers may exploit weaknesses to disrupt operations or compromise sensitive data. Companies operating in sectors such as manufacturing, energy, and transportation should be particularly vigilant, as the implications of these attacks could lead to operational downtime and financial losses. The trend highlights the urgency for organizations to enhance their cybersecurity measures to protect against evolving threats.
Researchers discovered a cross-site scripting (XSS) vulnerability in the web-based control panel of the StealC info-stealing malware. This flaw allowed them to monitor the malware operators' active sessions and collect data on their hardware setups. StealC is designed to steal sensitive information from users, which means this incident not only exposes the attackers but also raises concerns about the ongoing effectiveness of such malware. Understanding these vulnerabilities can help cybersecurity experts develop better defenses against similar threats. The incident serves as a reminder that even sophisticated malware can have weaknesses that researchers can exploit to gain insights into cybercriminal operations.
A new vulnerability known as the WhisperPair attack has been discovered, affecting millions of Bluetooth audio accessories that improperly implement Google's Fast Pair technology. This flaw allows attackers to hijack devices, potentially leading to unauthorized access to audio streams and user data. Products impacted include various Bluetooth headphones, earbuds, and speakers from multiple manufacturers. The significance of this issue lies in the widespread use of Bluetooth audio devices, making many users susceptible to exploitation. Users are urged to check for updates from their device manufacturers to mitigate the risk.
Cisco has addressed a serious flaw in its Secure Email products, which was exploited by a China-linked hacking group known as UAT-9686. The vulnerability, tracked as CVE-2025-20393, has a maximum severity score of 10.0 and affects the Secure Email Gateway and Email and Web Manager. Attackers were able to exploit this flaw as a zero-day, meaning it was actively used in attacks before a patch was made available. It's crucial for users of these products to apply the latest updates to protect their systems from potential exploitation. This incident highlights the ongoing risks posed by advanced persistent threat groups targeting widely used software.
BleepingComputer
Cisco has addressed a serious vulnerability in its AsyncOS software that has been exploited since November 2025. This zero-day flaw specifically affects Secure Email Gateway (SEG) appliances, which are used by organizations to filter and protect email traffic. Attackers have been able to exploit this weakness, putting sensitive data at risk and potentially compromising email communications for users relying on these appliances. The timely patch is crucial for organizations to secure their email systems and prevent further exploitation. Companies using these SEG appliances should prioritize applying the update to safeguard against these attacks.
Infosecurity Magazine
Check Point Research has reported a significant increase in attacks exploiting a vulnerability in HPE OneView, a management tool for Hewlett Packard Enterprise systems. The Linux-based RondoDox botnet is behind this wave of attacks, which raises concerns for organizations using HPE's software. The vulnerability allows attackers to take control of affected systems, potentially leading to data breaches or service disruptions. Companies using HPE OneView should take immediate action to secure their systems. The situation emphasizes the ongoing risk that vulnerabilities pose to enterprise environments and the need for timely patching and vigilance against emerging threats.
Researchers have revealed a new vulnerability dubbed the StackWarp Attack that targets AMD processors, enabling attackers to execute code remotely within confidential virtual machines (VMs). This flaw poses a significant risk to cloud environments where sensitive data is processed, as it could allow unauthorized access to protected information. The attack exploits weaknesses in the architecture of AMD processors, making it particularly concerning for organizations relying on these systems for secure operations. Companies using AMD processors in their cloud infrastructure should assess their systems for vulnerabilities and stay informed about potential patches or mitigations that may be issued in response to this discovery. The implications of this attack are serious, especially for sectors dealing with confidential data such as finance, healthcare, and government.