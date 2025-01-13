The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure.

Let’s turn awareness into action and keep one step ahead of the threats.

⚡ Threat of the Week

Critical Ivanti Flaw Comes Under Exploitation — A newly discovered critical security vulnerability in Ivanti Connect Secure appliances has been exploited as a zero-day since mid-December 2024. The flaw (CVE-2025-0282, CVSS score: 9.0) is a stack-based buffer overflow bug that could lead to unauthenticated remote code execution. According to Google-owned Mandiant, the flaw has been exploited to deploy the SPAWN ecosystem of malware – the SPAWNANT installer, SPAWNMOLE tunneler, and the SPAWNSNAIL SSH backdoor – as well as two other previously undocumented malware families dubbed DRYHOOK and PHASEJAM. There is a possibility that multiple threat actor groups, including the China-linked UNC5337, are behind the exploitation.

🔔 Top News

Microsoft Pursues Legal Action Against Hacking Group — Microsoft said it's taking legal action against an unknown foreign-based threat-actor group for abusing stolen Azure API keys and customer Entra ID authentication information to breach its systems and gain unauthorized access to the Azure OpenAI Service with the goal of generating harmful content that bypasses safety guardrails, as well as monetizing that access by offering it to other customers. It accused three unnamed individuals of creating a "hacking-as-a-service" infrastructure for this purpose.

🔥 Trending CVEs

Your favorite software might be hiding serious security cracks—don’t wait for trouble to find you. Update now and stay one step ahead of the threats!

This week’s list includes — CVE-2024-8474 (OpenVPN Connect), CVE-2024-46981 (Redis), CVE-2024-51919, CVE-2024-51818 (Fancy Product Designer plugin), CVE-2024-12877 (GiveWP – Donation Plugin and Fundraising Platform), CVE-2024-12847 (NETGEAR DGN1000), CVE-2025-23016 (FastCGI fcgi2), CVE-2024-10215 (WPBookit plugin), CVE-2024-11350 (AdForest theme), CVE-2024-13239 (Drupal), CVE-2024-54676 (Apache OpenMeetings), CVE-2025-0103 (Palo Alto Networks Expedition), CVE-2024-53704 (SonicWall SonicOS), CVE-2024-50603 (Aviatrix Controller), CVE-2024-9138, and CVE-2024-9140 (Moxa).

📰 Around the Cyber World

Pastor Indicted for "Dream" Solano Fi Project — Francier Obando Pinillo, a 51-year-old pastor at a Pasco, Washington, church, has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between November 2021 and October 2023. Pinillo is said to have used his position as pastor to induce members of his congregation and others to invest their money in a cryptocurrency investment business known as Solano Fi. He claimed the idea for the scheme had "come to him in a dream." According to the U.S. Department of Justice (DoJ), "rather than investing funds on victims' behalf as he had promised, Pinillo defrauded victims into making cryptocurrency transfers into accounts he designated, then converted the victims' funds to himself and his co-schemers." Pinillo has also been accused of convincing investors to recruit other investors in exchange for additional returns for each new investor they recruited. The fraud charges carry a maximum sentence of up to 20 years in prison. The defendant is estimated to have targeted at least 1,515 customers in the U.S., netting him $5.9 million in illicit profits.

The development comes as a Delaware man, Mohamed Diarra, pleaded guilty to his participation in a widespread international sextortion and money laundering scheme from May 2020 through December 2022. "Diarra conspired with co-conspirators in Côte d'Ivoire who sextorted victims and utilized a network of Delaware-based 'money mules,' including Diarra, to assist with laundering the victims' illegally obtained funds," the DoJ said. He faces a maximum penalty of 20 years in prison. In recent months, the DoJ has also prosecuted Robert Purbeck; Kiara Graham, Cortez Tarmar Crawford, and Trevon Demar Allen; and Charles O. Parks III in connection with extortion, SIM-swapping, and cryptojacking operations, respectively.

🔧 Cybersecurity Tools

MLOKit — It’s an MLOps attack toolkit that leverages REST API vulnerabilities to simulate real-world attacks on MLOps platforms. From reconnaissance to data and model extraction, this modular toolkit is built for adaptability—empowering security pros to stay ahead.

HackSynth — It's an AI-powered agent designed for autonomous penetration testing. With its Planner and Summarizer modules, HackSynth generates commands, processes feedback, and iterates efficiently. It was tested on 200 diverse challenges from PicoCTF and OverTheWire.

🔒 Tip of the Week

Know Your Browser Extensions — Your browser is the heart of your online activity—and a prime target for cyber threats. Malicious extensions can steal sensitive data, while sneaky DOM manipulations exploit vulnerabilities to run harmful code in the background. These threats often go unnoticed until it’s too late. So, how do you stay protected? Tools like CRXaminer and DOMspy make it simple. CRXaminer scans Chrome extensions to uncover risky permissions or dangerous code before you install them. DOMspy helps you spot hidden threats by monitoring your browser’s behavior in real time and flagging suspicious activities like DOM clobbering or prototype pollution. Stay safe by reviewing your extensions regularly, only granting permissions when absolutely necessary, and keeping your browser and tools up to date.
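
To make the permission review concrete, here is an added example (not part of the original newsletter, and not CRXaminer's code or rule set) that audits a Chrome extension's manifest.json for broad host access and sensitive APIs. The risk lists, severity ratings and the sample manifest are assumptions made for illustration.

```javascript
// Risk lists are this example's assumptions, not CRXaminer's rules.
const SENSITIVE_APIS = new Set([
  "debugger", "nativeMessaging", "proxy", "management", "webRequest",
  "webRequestBlocking", "cookies", "history", "scripting", "clipboardRead", "tabs",
]);
// Match patterns that cover every site the user visits.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
const isHostPattern = (p) => p === "<all_urls>" || p.includes("://");
const list = (v) => (Array.isArray(v) ? v : []); // tolerate malformed manifests

function auditManifest(manifest) {
  const findings = [];
  // MV2 mixes API names and host patterns in "permissions";
  // MV3 moves host patterns to "host_permissions".
  const keys = ["permissions", "host_permissions",
                "optional_permissions", "optional_host_permissions"];
  for (const where of keys) {
    // Optional permissions need a runtime prompt, so rate them lower.
    const severity = where.startsWith("optional") ? "medium" : "high";
    for (const p of list(manifest[where])) {
      if (typeof p !== "string") continue; // ignore malformed entries
      if (isHostPattern(p) ? BROAD_HOSTS.has(p) : SENSITIVE_APIS.has(p)) {
        const why = isHostPattern(p) ? "access to all sites" : "sensitive API";
        findings.push({ severity, where, value: p, why });
      }
    }
  }
  // Content scripts run inside pages and can read and rewrite the DOM.
  for (const cs of list(manifest.content_scripts)) {
    for (const m of list(cs && cs.matches)) {
      if (BROAD_HOSTS.has(m)) {
        findings.push({ severity: "medium", where: "content_scripts",
                        value: m, why: "script injected into every page" });
      }
    }
  }
  return findings;
}

// Constructed sample manifest (not a real extension).
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: "Constructed Coupon Helper",
  permissions: ["storage", "cookies", "tabs"],
  host_permissions: ["https://shop.example/*", "<all_urls>"],
  optional_permissions: ["history"],
  content_scripts: [{ matches: ["*://*/*"], js: ["inject.js"] }],
};
console.table(auditManifest(SAMPLE_MANIFEST));
```

An extension whose stated purpose does not need a flagged permission is the one to question or remove.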

Conclusion

Every click, download, and login contributes to your digital footprint, shaping how secure or vulnerable you are online. While the risks may feel overwhelming, staying informed and taking proactive steps are your best defenses.

As you finish this newsletter, take a moment to assess your online habits. A few simple actions today can save you from significant trouble tomorrow. Stay ahead, stay secure.