Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More

Nov 17, 2025 | Ravie Lakshmanan | Cybersecurity / Hacking News

This week highlighted the importance of vigilance in the face of subtle and sophisticated cyber threats. From silent attacks to the exploitation of trusted tools, the landscape of cybersecurity is evolving rapidly.

Criminals are now operating like businesses, using systems to generate revenue, spy, and spread malware. They leverage common apps and services to fly under the radar, demonstrating how easily trust can be exploited.

What’s alarming is that some threats are not traditional bugs but rather clever manipulations of everyday features. By the time these tactics are detected, the damage is already done.

Let’s delve into the significant events of the week, understand their implications, and reflect on the key considerations moving forward.

⚡ Threat of the Week

Silently Patched Fortinet Flaw Comes Under Attack — A vulnerability in the FortiWeb Web Application Firewall (WAF), tracked as CVE-2025-64446, has been exploited by threat actors to create malicious administrative accounts. The flaw combines path traversal and authentication bypass, enabling unauthorized privileged actions. Exploitation is ongoing, and the U.S. CISA has mandated fixes by November 21, 2025.

🔔 Top News

  • Operation Endgame Dismantles Malware Networks — Europol and Eurojust coordinated an operation to disrupt malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet. Arrests were made, servers were seized, and millions of stolen credentials were recovered.
  • Google Sues China-Based Hackers — Google filed a lawsuit against 25 unnamed China-based hackers responsible for Lighthouse, a phishing-as-a-service (PhaaS) platform that has targeted over 1 million users worldwide with phishing attacks.
  • Konni Hackers Exploit Google’s Find Hub — North Korea-affiliated Konni hackers targeted Android devices, using Google’s Find Hub service to remotely wipe victims’ devices.

🔥 Trending CVEs

Stay ahead of attackers by addressing critical vulnerabilities like CVE-2025-64446, CVE-2025-64740, CVE-2025-64741, and others affecting popular platforms and software.

📰 Around the Cyber World

  • Leaking Sora 2’s System Prompt — Researchers discovered a method to leak Sora 2’s system prompt, revealing internal guidelines shaping the model’s behavior.
  • SSRF in OpenAI GPT Actions — A server-side request forgery (SSRF) flaw in OpenAI’s GPT Actions feature allowed attackers to exploit internal services and extract sensitive data.

🔒 Tip of the Week

Control App Traffic with a Mobile Firewall — Protect your privacy and data on mobile devices by using tools like NetGuard and PersonalDNSfilter to monitor and block app connections to the internet.

Conclusion

Subtle yet sophisticated cyber threats require constant vigilance and proactive security measures. Stay informed, stay cautious, and stay ahead of evolving threats.