Monthly Security Bulletin –March 2025

This month’s security bulletin hot topics:

1. Microsoft kills off Defender ‘Privacy Protection’ VPN feature

2. Netgear warns users to patch critical WiFi router vulnerabilities

3. Hackers spoof Microsoft ADFS login pages to steal credentials

4. Critical Cisco ISE bug can let attackers run commands as root

5. Critical RCE bug in Microsoft Outlook now exploited in attacks

6. Experts Flag Security, Privacy Risks in DeepSeek AI App

7. Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers

8. HPE notifies employees of data breach after Russian Office 365 hack

9. SonicWall firewall exploit lets hackers hijack VPN sessions, patch now

10. Fortinet warns of new zero-day exploited to hijack firewalls

11. whoAMI attacks give hackers code execution on Amazon EC2 instances

12. New OpenSSH flaws expose SSH servers to MiTM and DoS attacks

13. Microsoft reminds admins to prepare for WSUS driver sync deprecation

14. Chinese hackers use custom malware to spy on US telecom networks

15. Exploits for unpatched Parallels Desktop flaw give root on Macs

16. UK Demanded Apple Add a Backdoor to iCloud

17. New Vo1d botnet variant infects 1.6 million Android TVs worldwide

18. New FinalDraft malware abuses Outlook mail service for stealthy comms