07/16/2025-07/23/2025 SysAid Vulnerability Exploitation, Active Exploitation Of ISE and ISE-PIC Flaws, npm Linter Packages Hijacked And More.

1. CISA Warns of SysAid Vulnerability Exploitation

CISA has added two recently patched SysAid On-Prem vulnerabilities—CVE-2025-2776 and CVE-2025-2775—to its KEV catalog. Patched in March 2025 with version 24.4.60 of SysAid’s ITSM software, the flaws are pre-authentication XML external entity (XXE) issues discovered by WatchTowr in December 2024.

WatchTowr published proof-of-concept (PoC) exploit code in May 2025 and warned that the bugs could be chained with CVE-2024-36394, a separate OS command injection flaw, to enable unauthenticated remote command execution. Despite this, CVE-2024-36394 has not been added to the KEV list.

SysAid claims over 10 million users worldwide, though only 77 vulnerable internet-exposed instances were identified at disclosure. CISA notes there’s no evidence these flaws have been used in ransomware attacks. However, SysAid products have been previously targeted—most notably in 2023 by Cl0p ransomware exploiting a zero-day (CVE-2023-47246). 

2. Cisco Сonfirms Active Exploitation Of ISE and ISE-PIC Flaws

Cisco has confirmed active exploitation of critical vulnerabilities in its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC), observed in July 2025. The flaws—CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337—allow unauthenticated remote attackers to execute arbitrary code with root privileges.
The company warns that attackers are targeting these vulnerabilities in the wild and strongly urges customers to upgrade to fixed software versions. CVE-2025-20281 and CVE-2025-20282 (both CVSS 10) affect ISE/ISE-PIC versions 3.3+ and 3.4, respectively, enabling code execution via vulnerable or internal APIs due to poor input and file validation.

CVE-2025-20337, patched last week, is similar to CVE-2025-20281 and also allows root-level code execution. All three flaws stem from improper validation mechanisms, making it possible to upload malicious files or send crafted API requests.

3. Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft has released patches for CVE-2025-53770, a critical remote code execution flaw (CVSS 9.8) in on-premises SharePoint Server actively exploited in the wild. The flaw stems from the deserialization of untrusted data. A related spoofing vulnerability, CVE-2025-53771 (CVSS 7.1), was also disclosed and patched with enhanced protections.

Both issues are tied to earlier flaws (CVE-2025-49704 and CVE-2025-49706) used in a ToolShell exploit chain patched in July 2025. Microsoft noted that CVE-2025-53770 is a variant of CVE-2025-49706.

Only on-premises SharePoint versions are affected, including Server 2016, 2019, and Subscription Edition. SharePoint Online is unaffected.

Customers are urged to apply the latest updates, enable AMSI in Full Mode, rotate ASP.NET machine keys, and restart IIS. Over 50 organizations, including banks and universities, have reportedly been compromised since July 18.

CISA has added CVE-2025-53770 to its Known Exploited Vulnerabilities catalog, mandating fixes for U.S. federal agencies by July 21, 2025.

4. EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware

Threat actor EncryptHub (aka LARVA-208/Water Gamayun) is targeting Web3 developers with stealer malware, using fake AI platforms like “Norlax AI” to lure victims through job offers and portfolio reviews. Swiss firm PRODAFT revealed the attackers trick targets into clicking meeting links sent via X, Telegram, or job board Remote3. An initial Google Meet call builds trust before redirecting victims to Norlax AI, where a fake audio driver error prompts malware download.

The malware, disguised as a Realtek audio driver, uses PowerShell to deploy Fickle Stealer, harvesting crypto wallets and dev credentials, then sending them to a server dubbed SilentPrism. This marks a shift in EncryptHub’s tactics from ransomware to data theft and resale.

5. Popular npm Linter Packages Hijacked via Phishing to Drop Malware

Several widely used JavaScript libraries, including eslint-config-prettier (30M+ weekly downloads), were hijacked in a supply chain attack after the maintainer, JounQin, fell for a phishing email mimicking npm support. Other impacted packages include eslint-plugin-prettier, synckit, @pkgr/core, and napi-postinstall.

On July 18, developers noticed suspicious behavior in versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7 of eslint-config-prettier, which lacked corresponding GitHub changes. The attacker used a stolen npm token to inject malicious postinstall scripts running install.js, which executed a trojanized DLL (node-gyp.dll) via Windows’ rundll32.
The malicious DLL is currently flagged by only 19 of 72 antivirus engines on VirusTotal.

Security researcher MalwareUtkonos also flagged a similar compromise of the got-fetch package by a different maintainer, suggesting the same threat actor is behind both attacks. That maintainer has since archived the GitHub repo and deprecated all versions.

Developers are urged to review affected packages and avoid installing compromised versions.

6. Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters

Threat actors are abusing public GitHub repositories to host malicious payloads and distribute them via Amadey malware. The campaign involves fake GitHub accounts hosting Amadey plugins and tools, delivered using the Emmenhtal loader (aka PEAKLIGHT). The campaign mirrors a February 2025 phishing attack that distributed SmokeLoader via Emmenhtal, targeting Ukrainian organizations. In this latest campaign, Emmenhtal delivers Amadey, which can collect system data and deploy payloads like Lumma, RedLine, and Rhadamanthys Stealers. Some JavaScript and Python scripts in the GitHub repos are updated versions of Emmenhtal loaders.
GitHub has since taken down the fake accounts, but the activity reflects broader malware-as-a-service (MaaS) abuse of trusted platforms.

Meanwhile, Trellix reported SquidLoader targeting financial firms in Hong Kong. It employs advanced anti-analysis features and drops Cobalt Strike beacons.

07/09/2025-07/16/2025 Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability, Critical mcp-remote Vulnerability, Patch for Critical SQL Injection Flaw And More.

1. Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google announced that its AI-assisted vulnerability detection system, Big Sleep, uncovered a critical flaw (CVE-2025-6965, CVSS 7.2) in the SQLite database before it could be exploited. The memory corruption bug, affecting versions prior to 3.50.2, could allow attackers to trigger an integer overflow via arbitrary SQL injection.Google described this latest discovery as the first known case where an AI directly prevented a real-world exploit.

To ensure AI agents like Big Sleep operate safely, Google published a white paper outlining a hybrid security model. It combines traditional, rule-based controls with dynamic AI reasoning to create “defense-in-depth” safeguards. These enforced boundaries aim to reduce risks such as prompt injection and unauthorized actions.

2. Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks

A critical vulnerability, CVE-2025-6514 (CVSS 9.6), affects versions 0.0.5–0.1.15 of the mcp-remote project, allowing remote code execution (RCE) via untrusted MCP server connections. The flaw poses serious risks to LLM clients (e. g., Claude Desktop) by enabling OS command injection through malicious authorization_endpoint values during OAuth metadata discovery.

Attackers can exploit this either by hosting a malicious MCP server or via man-in-the-middle attacks over unsecured HTTP connections. On Windows systems, the issue stems from PowerShell’s subexpression evaluation, enabling arbitrary command execution—such as writing files or running system commands—without proper validation.

Remediation steps:

• Update to mcp-remote v0.1.16 immediately.
• Use HTTPS-only connections to trusted servers.
• Audit MCP configurations and remove any HTTP-based endpoints.
• Enforce strict trust policies for remote servers.

With LLM platforms increasingly integrating MCP, maintaining secure configurations and monitoring for similar threats is critical to preventing system compromise.

3. Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Fortinet has patched a critical vulnerability (CVE-2025-25257, CVSS 9.6) in FortiWeb that allows unauthenticated attackers to execute arbitrary SQL commands via crafted HTTP/HTTPS requests. The flaw stems from improper input sanitization in the get_fabric_user_by_token function, part of the Fabric Connector component, and affects multiple API endpoints.

Exploiting this SQL injection can lead to remote code execution by using SQL’s SELECT ... INTO OUTFILE to write and execute malicious files on the system, which runs queries under the mysql user.

Impacted versions include:

• FortiWeb 7.6.0–7.6.3 (fix: update to 7.6.4+)
• 7.4.0–7.4.7 (update to 7.4.8+)
• 7.2.0–7.2.10 (update to 7.2.11+)
• 7.0.0–7.0.10 (update to 7.0.11+)

Fortinet recommends disabling the HTTP/HTTPS admin interface as a temporary workaround and urges users to apply patches immediately due to past exploitation of Fortinet vulnerabilities.

4. Hackers Are Exploiting Critical RCE Flaw In Wing FTP Server

Hackers began exploiting a critical RCE vulnerability (CVE-2025-47812) in Wing FTP Server just one day after technical details became public. The flaw combines a null byte and Lua code injection, allowing unauthenticated remote attackers to execute code as root/SYSTEM on affected systems (v7.4.3 and earlier).

The vulnerability stems from unsafe handling of null-terminated strings and poor input sanitization. By injecting a null byte in the username field, attackers can bypass authentication and inject Lua code into session files, leading to arbitrary code execution.

Security firm Huntress observed real-world attacks using this flaw to gain persistence, run recon commands, and attempt malware downloads via certutil. At least five IP addresses targeted a customer’s server, indicating mass scanning.
Three additional flaws (CVE-2025-27889, -47811, -47813) were also disclosed, exposing passwords and file paths.

Users must upgrade to version 7.4.4. If not possible, disable web portal access, restrict anonymous logins, and monitor the session directory for suspicious files.

5. CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CISA has added a critical vulnerability in Citrix NetScaler ADC and Gateway (CVE-2025-5777, CVSS 9.3) to its KEV catalog, confirming active exploitation in the wild. Dubbed Citrix Bleed 2, the flaw stems from insufficient input validation, allowing unauthenticated attackers to perform memory overreads and steal sensitive session data.

First reported in mid-June 2025, attackers have leveraged it to extract session tokens and access internal systems. Exploitation attempts have been traced to 10 IPs from multiple countries, with links to RansomHub ransomware.

Citrix released a patch (version 14.1-43.56+) on June 17. Admins are urged to update immediately and terminate all active sessions to prevent token reuse. Logs should be reviewed for suspicious authentication endpoint activity.

The flaw allows remote code execution and lateral movement in hybrid IT environments. CISA mandated federal agencies to patch within 24 hours. Another Citrix flaw (CVE-2025-6543) is also being exploited.

07/02/2025-07/09/2025 Microsoft Fixes 130 Security Flaws, CISA Flags Four Actively Exploited Old Vulnerabilities, Cisco Patches Critical Unified CM Flaw And More.

1. Microsoft Fixes 130 Security Flaws, Including Public SQL Server Bug

Microsoft’s July 2025 Patch Tuesday delivers fixes for 130 vulnerabilities, including a publicly disclosed SQL Server flaw (CVE-2025-49719, CVSS 7.5). Though not exploited in the wild, this bug allows unauthenticated information disclosure over the network. Users are urged to update SQL Server and related drivers. This release ends an 11-month streak without zero-day patches. About a dozen critical bugs were addressed, 10 of which enable remote code execution (RCE). High-priority fixes target NEGOEX, SharePoint, and the Kerberos Key Distribution Center proxy.

Office updates include patches for two local code execution flaws (CVE-2025-49695 and CVE-2025-49696). Another key fix is CVE-2025-49724—a use-after-free bug in Windows Connected Devices Platform, exploitable if Nearby Sharing is enabled and specific user actions occur.

Of the 130 bugs, 53 allow privilege escalation, 41 RCE, and others impact info disclosure, spoofing, and denial-of-service. Users are advised to update systems promptly.

2. Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Researchers have uncovered a supply chain attack targeting the Visual Studio Code extension Ethcode, used to deploy Ethereum smart contracts. The extension, with over 6,000 installs, was compromised via a GitHub pull request by a newly created user, Airez299, on June 17, 2025. ReversingLabs found that the attacker slipped malicious code into 43 commits, including a hidden npm package, keythereum-utils. The package, now removed, downloaded an obfuscated payload via PowerShell. The goal may have been to steal crypto assets or tamper with contracts.

Microsoft removed Ethcode from its marketplace after responsible disclosure. The extension was later reinstated without the malicious dependency.

This attack highlights growing supply chain threats. In Q2 2025, over 16,000 malicious open-source packages were discovered, with many stealing credentials or damaging data. Meanwhile, fake Firefox extensions were also found redirecting users and stealing OAuth tokens, emphasizing the evolving risk in trusted developer tools and browser add-ons.

3. CISA Adds Four Older CVEs to Known Exploited Vulnerabilities List

On July 7, CISA added four vulnerabilities—dating back to 2014–2019—to its KEV catalog, urging federal agencies to patch them by July 28. Private organizations are strongly advised to follow suit.

Despite their age, two of the flaws are rated critical, showing that old vulnerabilities remain valuable targets for attackers. The bugs include:

• CVE-2014-3931: MRLG buffer overflow (9.8 severity)
• CVE-2016-10033: PHPMailer command injection (9.8)
• CVE-2019-5418: Ruby on Rails path traversal (7.5)
• CVE-2019-9621: Zimbra SSRF vulnerability (7.5)

Trend Micro linked CVE-2019-9621 to Chinese threat actor Earth Lusca, and intelligence suggests renewed interest from state-backed groups.

Experts warn that threat actors prioritize impact over age, targeting internet-facing systems like email servers and web frameworks. Security teams should inventory legacy software, limit exposure of critical tools, and segment networks to reduce risk. Even decade-old flaws can be actively exploited if left unpatched.

4. Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Cisco has released a patch for a critical vulnerability (CVE-2025-20309, CVSS 10.0) in its Unified Communications Manager (Unified CM) and Session Management Edition (SME). The flaw, caused by hard-coded root credentials left from development, allows attackers to gain root access and execute arbitrary commands.
Cisco warns that exploitation could let attackers move laterally, intercept calls, or alter authentication settings. The flaw affects versions 15.0.1.13010-1 to 15.0.1.13017-1, regardless of configuration.

Discovered during internal testing, there is no evidence of active exploitation. Cisco has shared indicators of compromise (IoCs), including log entries showing root access in /var/log/active/syslog/secure. Admins can check using: cucm1# file get activelog syslog/secure

This patch follows recent fixes for two other critical flaws (CVE-2025-20281 and CVE-2025-20282) in Cisco Identity Services Engine products that also allowed root command execution.