Summary: Attackers are increasingly exploiting vulnerabilities before defenses are ready, utilizing trusted security tools for malicious activities. This week’s highlights include a critical Windows zero-day vulnerability and various malware exploitation incidents, emphasizing the urgency of proactive security measures. Organizations must strengthen their defenses against the evolving threat landscape, as attackers continuously adapt their tactics.
Affected: Security tools, Windows systems, ESET antivirus users, FortiGate VPNs, online platforms
Keypoints:
- Windows CVE-2025-29824 zero-day vulnerability exploited in ransomware attacks.
- ESET antivirus flaw allows TCESB malware delivery by the ToddyCat APT group.
- Fortinet warns of persistence techniques allowing access to patched FortiGate devices.
- AkiraBot uses AI to distribute SEO spam across tens of thousands of websites.
- Gamaredon targets military entities using USBs to spread GammaSteel malware.
- Brute-force attacks on PAN-OS GlobalProtect portals reported.
- Increased phishing and exploitation attempts noted, including SMS pumping scams.
- Ongoing vulnerabilities identified in widely used software requiring prompt updates.
Source: https://thehackernews.com/2025/04/weekly-recap-windows-0-day-vpn-exploits.html