
how human behavior affects security


Programmer’s Digest #147

08/13/2025-08/20/2025 N-able N-central Flaws, Malicious PyPI and npm Packages, CVE-2025-20265.

1. CISA Warns of N-able N-central Flaws Exploited in Zero-day Attacks

CISA warned that attackers are actively exploiting two security flaws in N-able’s N-central remote monitoring and management (RMM) platform. Widely used by MSPs and IT teams, N-central lets admins manage networks and devices from a central console.

The vulnerabilities—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (improper input sanitization)—can allow authenticated attackers to execute commands. N-able confirmed the exploits, patched them in N-central 2025.3.1, and urged on-premises customers to upgrade immediately, stressing that its hosted cloud environments show no evidence of compromise.

CISA added the flaws to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch by August 20 under Binding Operational Directive (BOD) 22-01. About 2,000 N-central instances are exposed worldwide, mostly in the U.S., Australia, and Germany. CISA also urged private organizations to secure their systems quickly, warning that such flaws remain frequent attack vectors for malicious actors.

2. PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

PyPI now checks for expired domains to block supply chain attacks. The update targets domain resurrection attacks, where attackers buy expired domains and hijack PyPI accounts through password resets. These changes improve PyPI’s overall account security posture. Since June 2025, PyPI has unverified more than 1,800 email addresses tied to expiring domains. While not foolproof, the safeguard helps close a major attack vector, especially for abandoned packages still widely used by developers.

Expired domains pose a critical risk because attackers can acquire them, intercept password reset emails, and seize package accounts—an issue highlighted in 2022 when the ctx package was compromised. The new measure, powered by Fastly’s Status API, checks domains every 30 days and un-verifies expired ones. PyPI also urges users to enable two-factor authentication and add a backup email from a trusted domain like Gmail or Outlook.

3. Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

Cisco has released a patch for a critical vulnerability in its Secure Firewall Management Center (FMC) software that could let unauthenticated, remote attackers execute arbitrary shell commands.

Tracked as CVE-2025-20265 and rated 10.0 on the CVSS scale, the flaw stems from improper input handling in FMC’s RADIUS authentication subsystem during login. Exploitation is possible only if FMC is configured to use RADIUS authentication for its web or SSH management interfaces. Cisco engineer Brandon Sakai discovered the bug during internal testing.

Cisco FMC is widely used by enterprises, MSPs, government agencies, and schools to manage firewalls, intrusion prevention, and other network security tools. While no exploitation has been observed yet, Cisco warns attackers could gain high-level privileges if the flaw is abused.

This marks the latest in a string of maximum-severity bugs in Cisco products, following three separate ISE and ISE-PIC flaws disclosed earlier this summer that also allowed root-level code execution.

4. Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

Researchers have uncovered a malicious package on the Python Package Index that uses a dependency to establish persistence and enable remote code execution.
The package, termncolor, relied on a secondary library called colorinal in a multi-stage malware chain. Termncolor was downloaded 355 times and colorinal 529 before removal. Once executed, termncolor imported colorinal, which loaded a rogue DLL to decrypt and launch further payloads. The malware deployed “vcpktsvr.exe” with a malicious “libcef.dll,” capable of stealing system data and communicating with a command-and-control server via Zulip chat. Persistence was achieved through a Windows registry entry, while Linux systems were infected with a shared object file called “terminate.so.” The disclosure comes as npm has also faced waves of malicious packages used for data theft, credential harvesting, and cryptocurrency attacks, underscoring the ongoing risks to open-source supply chains.


Programmer’s Digest #146

08/01/2025-08/07/2025 Apex One Flaws Exploited in the Wild, NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code, Malicious AI-generated npm Package Hits Solana Users And More.

1. Trend Micro Apex One Flaws Exploited in the Wild (CVE-2025-54948, CVE-2025-54987)

Trend Micro has warned of two unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting its on-premise Apex One endpoint security platform. These flaws, which could lead to remote code execution, are currently under active investigation following reports of attempted exploitation. A full patch is expected mid-August 2025, but a temporary “fix tool” is available. It mitigates the risk but disables the Remote Install Agent function; other install methods remain unaffected.

The flaws exist in the Apex One console (TCP ports 8080 and 4343) due to improper input validation. They affect versions 20216 and below, as well as Management Server Version 14039 and earlier. Mitigations for cloud versions were deployed on July 31. The flaws require console access, so Trend Micro urges organizations to restrict exposure and apply the fix immediately—followed by the patch when released.

2. NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

Multiple security flaws have been discovered in NVIDIA’s Triton Inference Server for Windows and Linux, potentially allowing remote, unauthenticated attackers to take full control of affected systems. The open-source platform, used for running AI models, is vulnerable to remote code execution (RCE), denial of service, and data tampering.

Three key CVEs (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) impact the Python backend, which handles inference requests for AI frameworks like PyTorch and TensorFlow. Chained together, these bugs could leak internal memory details and lead to a complete server compromise.

Wiz researchers demonstrated how an attacker could exploit these flaws without credentials, posing serious risks such as model theft, AI response manipulation, and network infiltration.

NVIDIA has patched the issues in version 25.07 and also addressed additional critical bugs (CVE-2025-23310, CVE-2025-23311, CVE-2025-23317) related to unsafe HTTP request handling. Users are strongly urged to update to stay protected.

3. Malicious AI-generated npm Package Hits Solana Users

An AI-generated npm package, @kodane/patch-manager, was flagged for draining Solana wallets and removed after over 1,500 downloads on July 28, 2025. Disguised as a “Registry Cache Manager,” it hid malicious scripts that targeted macOS, Linux, and Windows systems. It used postinstall scripts to hide files and established persistence through a background script (connection-pool.js) connecting to an open C2 server. Once wallets were found, a second script (transaction-cache.js) drained funds to a hardcoded Solana address.

The malware, uploaded by a user named “Kodane,” had 19 versions published in just two days. Despite its malicious purpose, the package had polished documentation and code, likely AI-generated. Cybersecurity firm Safety noted patterns typical of AI tools like Claude, such as excessive logs, emojis, and frequent use of terms like “Enhanced.” Analysts believe AI was used to make the code look professional and trustworthy, increasing download rates before discovery.

4. Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

A critical vulnerability (CVE-2025-5394) in the Alone – Charity Multipurpose Non-profit WordPress Theme is being actively exploited to hijack websites. Rated 9.8 on the CVSS scale, the flaw affects all versions up to 7.8.3 and was patched in version 7.8.5 on June 16, 2025. The issue stems from a missing capability check in the alone_import_pack_install_plugin() function. This allows unauthenticated users to upload arbitrary plugins via AJAX, enabling remote code execution and full site takeover. Exploitation began on July 12, ahead of public disclosure, suggesting attackers may have monitored code changes. Wordfence reports over 120,000 blocked exploit attempts, many deploying ZIP archives containing PHP backdoors to run remote commands or create rogue admin accounts. Admins using the theme should immediately update, review admin users, and scan for suspicious AJAX requests to /wp-admin/admin-ajax.php?action=alone_import_pack_install_plugin.


Programmer’s Digest #145

07/24/2025-07/31/2025 Phishing Attack Targeting Developers With Fake PyPI Site, Toptal GitHub Breach Exposes 73 Repositories and Injects Malware into 10 npm Packages And More.

1. Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44

Researchers have disclosed a now-patched critical flaw in Base44, a popular AI-powered “vibe coding” platform owned by Wix, that allowed unauthorized access to private applications. The issue, tracked as CVE-2025-31324, stemmed from exposed registration and OTP verification endpoints that required only a visible “app_id” to bypass authentication, including SSO protections. Wiz discovered the vulnerability and reported it on July 9, 2025. Wix issued a fix within 24 hours, and there’s no evidence of active exploitation. The flaw allowed attackers to register and verify accounts for private apps, gaining full access without permission. As AI tools like Base44 rise in popularity, ensuring built-in security is critical. Experts also warn that generative AI systems remain vulnerable to prompt injection, jailbreaks, and misconfigurations, underlining the need for proactive security frameworks like toxic flow analysis.

2. PyPI Warns of New Phishing Attack Targeting Developers With Fake PyPI Site

PyPI has issued an urgent warning about an ongoing phishing campaign targeting developers through domain spoofing to steal credentials. The attack uses emails from [email protected] (a typosquatted version of pypi.org) with the subject “[PyPI] Email verification.” These emails direct users to a fake website that mimics PyPI’s login page.

The phishing site uses pass-through authentication to capture credentials while forwarding them to PyPI, tricking users into believing they’ve logged in safely. The campaign targets developers with public emails linked to published PyPI packages. PyPI confirms that its systems remain secure and that this is an external phishing attempt, not a breach. A warning banner has been added to the official site, and PyPI is working with domain registrars and CDNs to shut down the malicious infrastructure.

Developers are urged to verify URLs before logging in, delete suspicious emails, and change passwords immediately if compromised. Monitoring account activity is also strongly advised.

3. U.S. CISA Adds Cisco ISE and PaperCut NG/MF Flaws to its Known Exploited Vulnerabilities Catalog

CISA has added critical flaws in Cisco Identity Services Engine (ISE) and PaperCut NG/MF to its Known Exploited Vulnerabilities (KEV) catalog. The Cisco flaws—CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337—allow unauthenticated, remote attackers to execute code as root via vulnerable APIs. Cisco confirmed attempted exploitation in July 2025 and urges users to upgrade immediately. CVE-2025-20281 and CVE-2025-20282 (CVSS 10) affect ISE/ISE-PIC 3.3+ and 3.4, respectively, while CVE-2025-20337 is a newly patched, similar flaw.

Also added is CVE-2023-2533, a CSRF vulnerability in PaperCut NG/MF (CVSS 8.4), which allows attackers to hijack admin sessions and change security settings through crafted malicious links. While Cisco hasn’t revealed details on the threat actors, federal agencies must address these vulnerabilities under Binding Operational Directive 22-01. Private organizations are also urged to review the KEV catalog and patch affected systems promptly.

4. Toptal GitHub Breach Exposes 73 Repositories and Injects Malware into 10 npm Packages

In a recent software supply chain attack, unknown threat actors compromised Toptal’s GitHub organization and uploaded 10 malicious packages to the npm registry. The packages, which were downloaded around 5,000 times, contained code to steal GitHub tokens and delete files on both Windows and Linux systems. The attack targeted preinstall and postinstall scripts, sending stolen data to a webhook site before wiping the victim’s system. The breach also exposed 73 private Toptal repositories. It’s unclear how the compromise occurred—potential causes include stolen credentials or insider threats. All affected packages have been reverted to safe versions.
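
Both this incident and the @kodane/patch-manager case in Digest #146 relied on npm install-time lifecycle scripts. The following added example (not code from npm or from any of the reports) lists every installed package that declares such a script so it can be reviewed; the package names in the sample tree are hypothetical and constructed.

```python
import json
import tempfile
from pathlib import Path

# Lifecycle scripts that npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

def audit_install_scripts(node_modules):
    """Return {package name: {hook: command}} for each package under
    node_modules that declares an install-time lifecycle script."""
    findings = {}
    for manifest in Path(node_modules).rglob("package.json"):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or invalid manifest
        scripts = data.get("scripts") if isinstance(data, dict) else None
        if not isinstance(scripts, dict):
            continue
        hooks = {h: scripts[h] for h in INSTALL_HOOKS
                 if isinstance(scripts.get(h), str)}
        if hooks:
            findings[data.get("name") or str(manifest.parent)] = hooks
    return findings

def demo():
    """Build a constructed node_modules tree in a temp dir and audit it."""
    samples = {  # hypothetical packages, constructed for this example
        "plain-lib": {"name": "plain-lib",
                      "scripts": {"test": "node test.js"}},
        "@example/cache-helper": {"name": "@example/cache-helper",
                                  "scripts": {"postinstall": "node setup.js"}},
        "native-shim": {"name": "native-shim",
                        "scripts": {"preinstall": "sh fetch.sh", "build": "tsc"}},
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, manifest in samples.items():
            pkg = Path(tmp, "node_modules", rel)
            pkg.mkdir(parents=True)
            (pkg / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
        return audit_install_scripts(Path(tmp, "node_modules"))

if __name__ == "__main__":
    for name, hooks in sorted(demo().items()):
        print(name, hooks)
```

Installing with `npm install --ignore-scripts` keeps these hooks from running until the flagged packages have been reviewed.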

Separately, another campaign targeted both npm and PyPI with spyware capable of keylogging, screenshot and webcam capture, and data theft. Data was sent via Slack webhooks, Gmail SMTP, and AWS Lambda.

Additionally, the Amazon Q extension for VS Code was found to contain malicious commands to delete user systems and AWS resources. Amazon has removed the rogue version and released a fixed update.
