Cybersecurity News Review, Week 4 (2025)

This week’s roundup covers critical vulnerabilities in widely used software and hardware, in-the-wild exploitation of chained vulnerabilities, a record-high DDoS attack, and a ransomware surge that is hitting education and utilities particularly hard. The article stresses the need for improved security measures across the affected sectors. Affected: 7-Zip, Asus, Ivanti Cloud Service Appliances, Cisco, Cambium Networks, ABB, UK Education Sector, PowerSchool, US Utilities, Russia, Iran

Keypoints :

  • 7-Zip has a critical vulnerability (CVE-2025-0411) that bypasses the Mark of the Web (MotW): files extracted from a crafted archive do not inherit the mark, so Windows shows no warning and code runs once the user opens the extracted file.
  • AMD is addressing a vulnerability in its microprocessors that lets an attacker load unauthorized microcode; exploitation requires local administrator access.
  • Chained vulnerabilities in Ivanti Cloud Service Appliance (CSA) are being actively exploited to breach networks and deploy webshells.
  • Cisco’s ClamAV has a denial-of-service flaw (CVE-2025-20128) that can crash the scanning process; patches are available.
  • The AIRASHI botnet is being built by exploiting a zero-day vulnerability in Cambium Networks cnPilot routers and is already being used for DDoS attacks.
  • The Murdoc_Botnet campaign targets AVTECH cameras and Huawei routers and has grown to more than 1,300 active IPs.
  • Cloudflare mitigated the largest DDoS attack recorded to date, peaking at 5.6 Tbps and launched from a Mirai-variant botnet.
  • Researchers found 119 vulnerabilities in LTE and 5G network implementations, posing significant attack risks.
  • ABB’s building automation products contain more than 1,000 vulnerabilities, putting critical infrastructure at risk.
  • 73% of UK educational institutions have faced a cyber incident in the last five years, underlining how exposed the sector is.
  • December 2024 saw the highest number of ransomware attacks on record, led by the FunkSec group, which targeted multiple sectors.
  • US utilities report an 80% increase in ransomware incidents since 2023, attributed largely to outdated infrastructure.
  • The PowerSchool breach exposed sensitive data of roughly 62.4 million students and teachers.
  • Middle Eastern and African nations are accelerating biometric technology adoption despite cybersecurity concerns.
  • Russia and Iran signed an agreement to deepen cooperation on cybersecurity and internet regulation.
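
As an added example (not code from the article or from the 7-Zip project), the following Python script checks the behaviour behind the 7-Zip key point from the defender’s side: when an archive that carries the Mark of the Web is extracted, every extracted file should carry it too, and any file that does not has lost the protection the archive had. The Zone.Identifier stream format it parses is the real Windows one; the file names, stream contents and command-line usage are assumptions made for this example, and reading alternate data streams from real files only works on Windows/NTFS.

```python
"""Audit Mark-of-the-Web (MotW) propagation after extracting an archive.

Added example; not code from the article or from the 7-Zip project.
On Windows the MotW is an NTFS alternate data stream named Zone.Identifier
holding INI-style text; ZoneId=3 (Internet) or 4 (Restricted) is what makes
SmartScreen and Office treat a file as untrusted. An archiver that fails to
copy that stream onto the files it extracts silently strips the protection,
which is the class of defect the 7-Zip key point describes. The stream texts
and file names below are constructed sample data.
"""
import os
import sys
from typing import Dict, List, Optional

ZONE_INTERNET = 3    # URLZONE_INTERNET
ZONE_RESTRICTED = 4  # URLZONE_UNTRUSTED


def zone_id_from_stream(stream: Optional[str]) -> Optional[int]:
    """Parse ZoneId out of Zone.Identifier text; None if absent or unparsable."""
    if stream is None:
        return None
    in_section = False
    for raw in stream.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "zonetransfer"
            continue
        if in_section and "=" in line:
            key, _, value = line.partition("=")
            if key.strip().lower() == "zoneid":
                try:
                    return int(value.strip())
                except ValueError:
                    return None
    return None


def is_untrusted(zone: Optional[int]) -> bool:
    """True when the zone is one Windows treats as untrusted (Internet or worse)."""
    return zone is not None and zone >= ZONE_INTERNET


def find_mark_losses(archive_stream: Optional[str],
                     extracted: Dict[str, Optional[str]]) -> List[str]:
    """Names of extracted files that should carry the mark but do not.

    archive_stream: Zone.Identifier text of the archive itself (None if unmarked).
    extracted: extracted file name -> its Zone.Identifier text (None if absent).
    An unmarked archive has nothing to propagate, so the result is empty.
    """
    if not is_untrusted(zone_id_from_stream(archive_stream)):
        return []
    return sorted(name for name, stream in extracted.items()
                  if not is_untrusted(zone_id_from_stream(stream)))


def read_zone_stream(path: str) -> Optional[str]:
    """Read a real file's Zone.Identifier stream. Windows/NTFS only."""
    if not sys.platform.startswith("win"):
        raise OSError("alternate data streams need Windows/NTFS")
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as f:
            return f.read()
    except FileNotFoundError:   # no stream: the file is unmarked
        return None


# Constructed sample: an archive downloaded from the Internet, extracted to
# three files. report.pdf kept the mark; nested.7z lost it entirely; update.exe
# was rewritten as Local Machine zone, which is just as bad.
SAMPLE_ARCHIVE_STREAM = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                         "HostUrl=https://example.invalid/report.7z\r\n")
SAMPLE_EXTRACTED = {
    "report.pdf": "[ZoneTransfer]\r\nZoneId=3\r\n",
    "nested.7z": None,
    "update.exe": "[ZoneTransfer]\r\nZoneId=0\r\n",
}


def main(argv: List[str]) -> int:
    """Usage: motw_audit.py <archive> <extraction dir> (Windows); no args runs the sample."""
    if len(argv) == 3:
        archive, outdir = argv[1], argv[2]
        extracted = {n: read_zone_stream(os.path.join(outdir, n))
                     for n in os.listdir(outdir)
                     if os.path.isfile(os.path.join(outdir, n))}
        losses = find_mark_losses(read_zone_stream(archive), extracted)
    else:
        losses = find_mark_losses(SAMPLE_ARCHIVE_STREAM, SAMPLE_EXTRACTED)
    for name in losses:
        print(f"MotW not propagated: {name}")
    return 1 if losses else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The check treats a ZoneId rewritten to 0 (Local Machine) the same as a missing stream, because either outcome removes the SmartScreen and Office prompts; a non-zero exit makes it easy to wire into a post-extraction step on a file-transfer host.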

MITRE Techniques :

  • T1190: Exploit Public-Facing Application – Attackers exploited chained vulnerabilities in Internet-facing Ivanti CSA appliances to execute code remotely and deploy webshells.
  • T1068: Exploitation for Privilege Escalation – The AMD microcode flaw; note that exploitation already requires local administrator access, so it subverts the CPU after privileges have been obtained rather than providing the escalation itself.
  • T1584.005: Compromise Infrastructure: Botnet – AIRASHI compromises Cambium Networks cnPilot routers through a zero-day vulnerability and enrolls them in a DDoS botnet.
  • T1078: Valid Accounts – The PowerSchool attackers used stolen credentials to gain unauthorized access.
  • T1498: Network Denial of Service – The record 5.6 Tbps DDoS attack mitigated by Cloudflare, launched from a Mirai botnet variant.

Indicator of Compromise :

  • [Domain] clamd.[example].com (placeholder only; clamd is the ClamAV daemon, and this is not a real indicator)
  • [Domain] airashi.[example].com (placeholder only; not a real indicator)
  • [CVE] CVE-2025-0411
  • [CVE] CVE-2025-20128
  • [Data breach] Records of 62.4 million students and teachers exposed in the PowerSchool breach (a breach statistic, not a technical indicator)


Full Story: https://medium.com/ml4den/cybersecurity-news-review-week-4-2025-37254fed2061?source=rss——cybersecurity-5