Monthly Security Bulletin – January 2025

This month’s security bulletin hot topics:

1. Veeam warns of critical RCE bug in Service Provider Console

2. QR codes bypass browser isolation for malicious C2 communication

3. Hunk Companion WordPress plugin exploited to install vulnerable plugins

4. New stealthy Pumakit Linux rootkit malware spotted in the wild

5. Ultralytics Supply-Chain Attack

6. Winnti hackers target other threat actors with new Glutton PHP backdoor

7. Malicious ads push Lumma infostealer via fake CAPTCHA pages

8. Windows kernel bug now exploited in attacks to gain SYSTEM privileges

9. Hacking Digital License Plates

10. New critical Apache Struts flaw exploited to find vulnerable servers

11. Malicious Microsoft VSCode extensions target devs, crypto community

12. Campaign abusing HubSpot targets 20,000 Microsoft Azure accounts

13. Ongoing phishing attack abuses Google Calendar to bypass spam filters

14. Attackers exploiting a patched FortiClient EMS vulnerability in the wild

15. Fortinet warns of FortiWLM bug giving hackers admin privileges

16. Juniper warns of Mirai botnet scanning for Session Smart routers

17. Sophos discloses critical Firewall remote code execution flaw

18. New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA

19. Adobe warns of critical ColdFusion bug with PoC exploit code

20. European Space Agency’s official store hacked to steal payment cards

21. New botnet exploits vulnerabilities in NVRs, TP-Link routers

22. Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

23. Catching “EC2 Grouper” – no indicators required!