RadioCSIRT - Your Daily Cyber Security Brief

Welcome to your daily cybersecurity podcast. QNAP discloses a high-severity authentication bypass vulnerability tracked as CVE-2025-59385. The flaw allows remote attackers to spoof authentication mechanisms and access protected resources without credentials. The issue affects QTS and QuTS hero systems and is remotely exploitable with no user interaction. Patches are available in QTS 5.2.7.3297 and QuTS […]

Welcome to your daily cybersecurity podcast. Horizon3.ai exposes three critical FreePBX vulnerabilities. The most severe, CVE-2025-66039 scored 9.3, enables complete authentication bypass via simple forged Authorization header. Two additional flaws provide SQL injection and PHP web shell upload for remote code execution. Patches available but require manual CLI configuration and audit of instances exposed before […]

Welcome to your daily cybersecurity podcast. Apple and Google rush to fix actively exploited Zero-Day flaws. CISA has added CVE-2025-14174 to its KEV catalog, flagging a critical memory corruption vulnerability in the Chromium engine that affects Chrome, Edge, and Brave. Simultaneously, Apple has deployed patches for this same flaw alongside CVE-2025-43529, a WebKit Use-After-Free bug. […]

Welcome to your daily cybersecurity podcast. Palo Alto Networks Unit 42 exposes Ashen Lepus, a Hamas-affiliated APT actor active since 2018. The group deploys a new .NET modular malware suite named AshTag, targeting governmental and diplomatic entities across the Middle East with confirmed geographic expansion toward Oman and Morocco. The multi-stage infection chain initiates through […]

Welcome to this special RadioCSIRT cybersecurity briefing. In this episode, we take an in-depth look at the MITRE Top 25 Common Weakness Enumerations (CWE) for 2025, moving beyond a simple ranking to analyze the structural weaknesses that continue to drive real-world compromises. This analysis focuses on how recurring flaws such as cross-site scripting, sql injection, […]

Welcome to your daily cybersecurity podcast. The Linux kernel 5.4 officially reaches end-of-life. After years of LTS support, this version—massively deployed across Ubuntu, Android, and embedded systems—will no longer receive upstream security patches. This creates a critical risk for industrial and network equipment remaining on this version without a rapid migration path. Check Point dissects […]

Welcome to your daily cybersecurity podcast. Microsoft refuses to fix a critical RCE vulnerability in the .NET framework affecting the SoapHttpClientProtocol class. Revealed at Black Hat Europe by researcher Piotr Bazydło from WatchTowr, the flaw enables arbitrary file writes through SOAP URL manipulation. Exploitation relies on unexpected support for FILE and FTP protocols by a […]

CISA, FBI, and NSA issue joint advisory AA25-343A on December 9, 2025, warning of active campaigns by four pro-Russia hacktivist groups exploiting VNC vulnerabilities in OT/ICS systems worldwide. THREAT ACTORS IDENTIFIED: ATTACK VECTOR: Mass exploitation of exposed VNC services (ports 5900-5910) with default/weak credentials on HMI devices. Direct SCADA access causing parameter modifications, alarm disabling, […]

Welcome to your daily cybersecurity briefing. The UK’s NCSC has released critical guidance regarding Generative AI security, warning that treating Prompt Injection like SQL Injection is a dangerous misconception. Unlike traditional databases, LLMs lack a rigid boundary between instructions and data, creating an “Inherently Confusable Deputy” problem. The agency advises that the only effective mitigation […]

Welcome to your daily cybersecurity briefing. CERT-FR has issued a security advisory regarding a vulnerability affecting the MISP threat-intelligence platform. Under specific configurations, the flaw may allow unauthorized access to internal components or data. Organizations relying on MISP are strongly encouraged to apply the recommended patches without delay to mitigate potential exploitation. CERT-FR has also […]

Welcome to your daily cybersecurity briefing. The FBI has issued a public service announcement regarding the evolution of “virtual kidnapping” scams, where criminals are now using AI-altered images from social media to fabricate proof-of-life. By manipulating photos to depict physical harm or captivity, threat actors are successfully pressuring families into paying ransoms for loved ones […]

Welcome to your daily cybersecurity briefing. The Australian Cyber Security Centre has released new guidance for critical infrastructure regarding the secure integration of Artificial Intelligence into Operational Technology environments. This strategic framework aims to help organizations anticipate physical safety risks caused by algorithmic automation in industrial systems. CERT-FR (ANSSI) has issued a series of security […]

Welcome to your daily cybersecurity briefing. Cloudflare has attributed today’s major service outage to the deployment of an emergency patch intended to mitigate the critical “React2Shell” vulnerability. The incident highlights the delicate balance between security responsiveness and operational stability: the attempt to rapidly mitigate an active flaw resulted in a global software regression, serving as […]