Dec 15, 2025 | Ravie Lakshmanan | Hacking News / Cybersecurity

If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready.

Below, we list the urgent updates you need to install right now to stop these active threats.

⚡ Threat of the Week

Apple and Google Release Fixes for Actively Exploited Flaws — Apple released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and the Safari web browser to address two zero-days that the company said have been exploited in highly targeted attacks. CVE-2025-14174 has been described as a memory corruption issue, while the second, CVE-2025-43529, is a use-after-free bug. Both can be exploited using maliciously crafted web content to execute arbitrary code. CVE-2025-14174 was also addressed by Google in its Chrome browser since it resides in its open-source Almost Native Graphics Layer Engine (ANGLE) library. There are currently no details on how these flaws were exploited, but evidence points to them likely having been weaponized by commercial spyware vendors.

🔔 Top News

  • SOAPwn Exploits HTTP Client Proxies in .NET for RCE — Cybersecurity researchers uncovered an unexpected behavior of HTTP client proxies in .NET applications, potentially allowing attackers to achieve remote code execution. The vulnerability has been codenamed SOAPwn. At its core, the problem is that .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxies also accept non-HTTP URLs such as files, a behavior that Microsoft says developers are responsible for guarding against — but not likely to expect. This, in turn, can open remote code execution (RCE) attack paths through web shells and malicious PowerShell scripts in many .NET applications, including commercial products. By being able to pass an arbitrary URL to a SOAP API endpoint in an affected .NET application, an attacker can trigger a leak of the NTLM challenge. The issue can also be exploited through Web Services Description Language (WSDL) imports, which can then be used to generate client SOAP proxies that can be controlled by the attacker. “The .NET Framework allows its HTTP client proxies to be tricked into interacting with the filesystem. With the right conditions, they will happily write SOAP requests into local paths instead of sending them over HTTP,” watchTowr said. “In the best case, this results in NTLM relaying or challenge capture. In the worst case, it becomes remote code execution through webshell uploads or PowerShell script drops.”
  • Attackers Exploit New Flaw in CentreStack and Triofox — A new vulnerability in Gladinet’s CentreStack and Triofox products is being actively exploited by unknown threat actors to achieve code execution. The vulnerability, which does not have a CVE…
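
One way to apply the guard the SOAPwn item says developers are responsible for, as an added example that is not from the article, watchTowr, or Microsoft: check the scheme and host of any caller-supplied URL before it reaches an HTTP client proxy. The class name `ProxyUrlGuard`, the allowlisted host, and the sample inputs are hypothetical.

```csharp
using System;
using System.Collections.Generic;

// Added example: validate a caller-supplied endpoint URL before an HTTP
// client proxy uses it. Host names and paths are constructed placeholders.
public static class ProxyUrlGuard
{
    // Assumption: the application knows which SOAP hosts it should talk to.
    private static readonly HashSet<string> AllowedHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "soap.example.internal" };

    // Returns null when the URL may be used, otherwise the rejection reason.
    public static string CheckEndpoint(string candidate)
    {
        if (!Uri.TryCreate(candidate, UriKind.Absolute, out Uri uri))
            return "not an absolute URL";

        // file:// URLs (and, on Windows, drive and UNC paths) parse as
        // absolute URIs with the "file" scheme, so they are rejected here
        // by an explicit allowlist instead of a blocklist of bad schemes.
        if (uri.Scheme != Uri.UriSchemeHttps && uri.Scheme != Uri.UriSchemeHttp)
            return "scheme '" + uri.Scheme + "' is not HTTP(S)";

        if (!AllowedHosts.Contains(uri.Host))
            return "host '" + uri.Host + "' is not on the allowlist";

        return null;
    }

    public static void Main()
    {
        // Constructed sample inputs.
        string[] samples =
        {
            "https://soap.example.internal/Service.asmx",
            "file:///C:/temp/out.xml",
            @"\\files.example.test\share\out.xml",
            "https://unlisted.example.test/Service.asmx",
        };
        foreach (string s in samples)
        {
            string why = CheckEndpoint(s);
            Console.WriteLine(why == null ? "ALLOW " + s : "BLOCK " + s + "  (" + why + ")");
        }
    }
}
```

The same check belongs on the address of any WSDL document the application imports, since the item notes that proxies generated from an imported WSDL can be controlled by the attacker.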


Last Update: December 15, 2025