

Ethical Hacking News

A Multifaceted Vulnerability Landscape: The Convergence of Exploitable Flaws in Modern Cybersecurity


A growing list of security flaws has been identified across various software platforms, leaving many organizations on high alert. From privilege escalation vulnerabilities in WordPress plugins to AI-powered phishing attacks and a critical SAP NetWeaver flaw exploited to drop a web shell and the Brute Ratel framework, this article surveys the multifaceted vulnerability landscape and highlights the need for robust cybersecurity measures.

  • Microsoft has made passwordless authentication the default for new accounts, affecting 15 billion users.
  • A critical vulnerability (CVE-2025-27007) in the OttoKit WordPress plugin allows attackers to escalate privileges and create admin user accounts.
  • Another vulnerability (CVE-2025-3102) in the same plugin has been exploited since last month, with mass exploitation starting on May 4, 2025.
  • A new critical SAP NetWeaver flaw, exploited to drop a web shell and the Brute Ratel framework, poses significant risks of data exfiltration and lateral movement.
  • A Linux io_uring proof-of-concept (PoC) rootkit bypasses system call-based threat detection tools using a kernel-mode injection technique.
  • New Windows Task Scheduler bugs let attackers bypass UAC and tamper with logs, compromising security event data.
  • Apple has patched two actively exploited iOS flaws used in sophisticated targeted attacks.
  • The 2025 Microsoft Vulnerabilities Report highlights several critical vulnerabilities that require immediate attention from organizations worldwide.
  • AI-powered phishing attacks, covered in the report "AI Data Leaks to Phishing Funnels", pose significant risks to users and require innovative security solutions.



    The cybersecurity landscape has recently seen a plethora of vulnerabilities and exploits, leaving numerous organizations on high alert. According to a recent report, Microsoft has set passkeys as the default for new accounts, with 15 billion users gaining passwordless support, signaling an unprecedented shift towards passwordless authentication. However, this development is tempered by the discovery of various security flaws that have been actively exploited in the wild.

    One such vulnerability, CVE-2025-27007, has been identified in the OttoKit WordPress plugin, which boasts over 100,000 active installations. This critical flaw allows for privilege escalation, permitting unauthenticated attackers to establish a connection with a compromised site and subsequently create an administrative user account via the automation/action endpoint. The vulnerability is exploitable under two distinct scenarios: when an organization has never enabled or utilized an application password, and in cases where an attacker possesses authenticated access to a site and can generate a valid application password.

    Furthermore, researchers have discovered that attackers are simultaneously targeting CVE-2025-3102, another flaw present in the same plugin. Exploitation of the initial vulnerability has been observed since last month, whereas mass exploitation commenced on May 4, 2025. Given the sheer number of OttoKit installations, it is essential for users to apply the latest patches (version 1.0.83) as soon as possible.
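
A defender-side triage sketch for the two OttoKit paragraphs above, added here and not taken from the article or the plugin's code: it flags installs older than 1.0.83 and pulls POST requests to the automation/action endpoint out of a web access log. The log lines, the `EXAMPLE-NS` namespace and the function names are constructed for illustration; the page does not give the full REST path, so only the endpoint suffix is matched.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

FIXED_VERSION = (1, 0, 83)             # patched OttoKit release named in the article
ENDPOINT_SUFFIX = "automation/action"  # endpoint named in the article; namespace not given

# Combined log format: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})\b'
)

# Constructed sample lines (documentation IP ranges, placeholder namespace).
SAMPLE_LOG = [
    '203.0.113.7 - - [05/May/2025:03:12:40 +0000] "POST /?rest_route=%2FEXAMPLE-NS%2Fautomation%2Faction HTTP/1.1" 401 90 "-" "curl/8.5"',
    '203.0.113.7 - - [05/May/2025:03:12:44 +0000] "POST /wp-json/EXAMPLE-NS/automation/action HTTP/1.1" 200 512 "-" "curl/8.5"',
    '198.51.100.20 - - [05/May/2025:03:13:01 +0000] "GET /wp-json/EXAMPLE-NS/automation/action HTTP/1.1" 405 0 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [05/May/2025:03:14:10 +0000] "POST /wp-login.php HTTP/1.1" 200 3100 "-" "Mozilla/5.0"',
]

def needs_patch(installed):
    """True if the installed plugin version string is older than 1.0.83."""
    nums = [int(n) for n in re.findall(r"\d+", installed)]
    nums += [0] * (3 - len(nums))      # pad "1.1" to (1, 1, 0)
    return tuple(nums) < FIXED_VERSION

def rest_route(target):
    """Return the REST route whether sent as a pretty path or via ?rest_route=."""
    parts = urlsplit(target)
    route = parse_qs(parts.query).get("rest_route", [unquote(parts.path)])[0]
    return route.rstrip("/")

def endpoint_posts(lines):
    """Map client IP -> [(timestamp, status)] for POSTs to the endpoint."""
    hits = {}
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["method"] == "POST" and rest_route(m["target"]).endswith(ENDPOINT_SUFFIX):
            hits.setdefault(m["ip"], []).append((m["ts"], int(m["status"])))
    return hits

if __name__ == "__main__":
    print("patch needed:", needs_patch("1.0.82"))
    for ip, reqs in endpoint_posts(SAMPLE_LOG).items():
        print(ip, reqs)
```

Requests that returned a 2xx status are the ones to follow up first, by reviewing administrator accounts created around those timestamps.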

    Moreover, recent reports highlight a new critical SAP NetWeaver flaw that has been exploited to drop a web shell and the Brute Ratel framework. Both can be used for nefarious purposes such as data exfiltration and lateral movement within networks.

    In addition to these exploits, researchers have also been tracking a Linux io_uring proof-of-concept (PoC) rootkit that bypasses system call-based threat detection tools. It does so by utilizing a technique known as "kernel-mode injection." The attack vector relies on a vulnerability present in the io_uring system call handler, allowing attackers to inject malicious kernel code and evade traditional security measures.

    The discovery of the Linux io_uring PoC rootkit has also raised concerns regarding the efficacy of modern network detection and response tools. Researchers have long emphasized that these tools are often designed with the assumption that threats will arise from known sources, such as targeted attacks or insider actors. However, the emergence of this rootkit highlights the need for more robust threat detection mechanisms capable of identifying novel attack vectors.

    Another worrying development is a set of new Windows Task Scheduler bugs that let attackers bypass User Account Control (UAC) and tamper with logs, compromising the integrity of security event data. As a result, it has become essential for organizations to prioritize patching these vulnerabilities as soon as possible.

    Apple has patched two actively exploited iOS flaws used in sophisticated targeted attacks, which highlights the ongoing threat landscape faced by mobile devices. The exploits were designed to target specific vulnerabilities present in iOS and have been linked to sophisticated targeted attacks aimed at high-value targets.

    In a related development, the 2025 Microsoft Vulnerabilities Report has revealed several critical vulnerabilities that require immediate attention from organizations worldwide. As the patch cycle approaches, it is crucial for organizations to prioritize vulnerability management and ensure that all necessary patches are applied promptly.

    Furthermore, a report titled "AI Data Leaks to Phishing Funnels" sheds light on the increasing risk posed by AI-powered phishing attacks. These attacks can be highly sophisticated and difficult to detect, relying on advanced machine learning algorithms and deepfakes to deceive victims.

    In a bid to combat this growing threat, researchers have been exploring innovative methods for improving browser security. A recent report highlights the potential of using AI models to detect suspicious activity within web browsers and block malicious scripts from executing.

    The convergence of these vulnerabilities and exploits underscores the need for organizations to prioritize robust cybersecurity measures. In an era where modern threats are becoming increasingly sophisticated, it is essential for organizations to stay vigilant and adapt their defenses accordingly.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/A-Multifaceted-Vulnerability-Landscape-The-Convergence-of-Exploitable-Flaws-in-Modern-Cybersecurity-ehn.shtml

  • https://thehackernews.com/2025/05/ottokit-wordpress-plugin-with-100k.html


  • Published: Wed May 7 11:52:52 2025 by llama3.2 3B Q4_K_M












