shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.


#vulnerability

10 posts, 10 participants, 0 posts today

SureForms WordPress Plugin flaw enables unauthenticated file deletion, potential site takeover

A vulnerability in the SureForms WordPress plugin (CVE-2025-6691) allows unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can force sites into setup mode and enable complete website takeover. Patches are available in multiple updated versions.

**If you have the SureForms WordPress plugin installed, immediately check your version and update to the latest patched release (1.7.4 or the appropriate version for your branch). Don't delay this one, because you can't really hide the form, and updating the plugin is nearly trivial.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

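The post names the outcome (an unauthenticated delete that can reach wp-config.php) but not the code path, so what follows is an added, generic illustration of the arbitrary-file-deletion bug class, not the SureForms plugin's code. It builds a throwaway directory shaped like a WordPress install (hypothetical layout and names), runs a traversal payload through a naive delete handler and through a hardened one, and reports whether the config file survived. The containment check (resolve, then require the target to be a direct child of the uploads directory) is the part worth carrying over to real code; capability checks and nonces are deliberately out of scope here.

```python
import os
import tempfile
from pathlib import Path

# Constructed stand-in for a WordPress install: wp-config.php in the web root,
# user uploads under wp-content/uploads. Names are hypothetical; this is not
# the SureForms code and the real bug's exact code path is not on the page.
WEB_ROOT = Path(tempfile.mkdtemp(prefix="wp-")).resolve()
UPLOADS = WEB_ROOT / "wp-content" / "uploads"
UPLOADS.mkdir(parents=True)
CONFIG = WEB_ROOT / "wp-config.php"
ALLOWED_SUFFIXES = {".pdf", ".png", ".jpg", ".csv"}


def reset_fixture() -> None:
    """Recreate the config file and one legitimate upload before each scenario."""
    CONFIG.write_text("<?php define('DB_NAME', 'wp'); ?>\n")
    (UPLOADS / "entry-42.pdf").write_bytes(b"%PDF-1.4 constructed sample")


def delete_upload_vulnerable(user_path: str) -> bool:
    """The bug class: a client-supplied name is joined under the uploads
    directory with no containment check. '../' segments walk out of it, and
    an absolute path replaces the left side of os.path.join entirely."""
    target = os.path.join(UPLOADS, user_path)
    if os.path.isfile(target):
        os.remove(target)
        return True
    return False


def delete_upload_hardened(user_path: str) -> bool:
    """Hardened form: resolve the final path (collapsing '..' and symlinks),
    require it to be a direct child of the uploads directory, and only remove
    regular files with an expected upload extension. A real plugin would also
    put this behind a capability check and a nonce; that is not modelled."""
    base = UPLOADS.resolve()
    try:
        target = (base / user_path).resolve()
    except OSError:
        return False
    if target.parent != base:
        return False
    if target.suffix.lower() not in ALLOWED_SUFFIXES:
        return False
    if not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> dict:
    """Run the same traversal payload through both handlers and report what
    happened to wp-config.php, plus a legitimate delete and an absolute-path
    attempt against the hardened handler."""
    payload = "../../wp-config.php"   # constructed attacker input
    results = {}

    reset_fixture()
    delete_upload_vulnerable(payload)
    results["vulnerable_kept_config"] = CONFIG.exists()

    reset_fixture()
    delete_upload_hardened(payload)
    results["hardened_kept_config"] = CONFIG.exists()

    reset_fixture()
    results["hardened_removed_own_upload"] = delete_upload_hardened("entry-42.pdf")

    # An absolute path is just as dangerous for the naive join, and is
    # rejected by the hardened version for the same containment reason.
    reset_fixture()
    results["hardened_rejects_absolute"] = not delete_upload_hardened(str(CONFIG))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Resolving before comparing matters: a check on the raw string ("does it start with the uploads path?") is defeated by `..` and by a symlink dropped into the uploads directory, while the resolved path's parent either is the uploads directory or it is not.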

I received an email earlier this week from EA asking if I wanted to be added to a public acknowledgement page they were creating for individuals who responsibly disclosed vulnerabilities to them.

For all the shit people give EA, of the 100+ companies I contacted in the last two years, they were the only company I would say had a decent incident response.

They fixed the issue within 12 hours after validating it as critical, and proactively provided me multiple updates over time.

When the IR was done on their side, they reached out again with some more information about the potential impact if the issue hadn't been solved quickly, and also offered me a reward.

I did not have to keep chasing anyone for updates, I wasn't asked for non-disclosure, or offered money in exchange for it, and people replied instead of ignoring me.

I wasn't blamed for their mistake, either, or reported to the authorities.

Unfortunately, one or more of the things mentioned above are present in most of my other reported incidents; it's a real shit show out there.

This seems Very Bad(tm)
"... the downloaded profile can be potentially modified in such a way, so that the operator loses control over the profile (no ability for remote control / no ability to disable / invalidate it, etc.), the operator can be provided with a completely false view of the profile state (the result of its remote management ops in particular) or all of its activity can be subject to monitoring (vide rogue apps mimicking / proxying behavior of real ones)"
#infosec #vulnerability #esim #android #iphone
security-explorations.com/esim

security-explorations.com: Security Explorations - eSIM security

Bluetooth vulnerabilities called PerfektBlue enable remote hacking of vehicles from major automakers

Security researchers discovered a vulnerability chain called "PerfektBlue" affecting OpenSynergy's BlueSDK Bluetooth stack used in millions of vehicles from major manufacturers including Mercedes-Benz, Volkswagen, and Skoda, with the most critical flaw. OpenSynergy released patches in September 2024 but many automakers have yet to deploy the firmware updates.

**This is another weird one. If you drive a car from an affected manufacturer, that doesn't mean the manufacturer will make a patch. Definitely reach out to your service for an update, but you may also have to accept that there may not be a patch issued. Make sure to limit pairing of devices to the car to only devices you know, and don't accept new Bluetooth pairings unless you are sure which device it is.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai


VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification.

This paper presents VLAI, a transformer-based model that predicts software vulnerability severity levels directly from text descriptions. Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and achieves over 82% accuracy in predicting severity categories, enabling faster and more consistent triage ahead of manual CVSS scoring. The model and dataset are open-source and integrated into the Vulnerability-Lookup service.

We (@cedric and I) decided to write a paper to better document how VLAI is implemented. We hope it will give others ideas for improvements to such models.

#vulnerability #cybersecurity #vulnerabilitymanagement #ai #nlp #opensource

@circl

🔗 arxiv.org/abs/2507.03607


A critical Linux vulnerability (CVE-2025-32463) in Sudo lets any local unprivileged user gain root via the --chroot (-R) option

🔒 Affects default configs on Ubuntu, Fedora & others — no Sudo rules needed
🛠️ Fix: Update to Sudo 1.9.17p1+ (no workarounds)
👀 CVSS: 9.8 (Critical)

Highlights persistent risks in open-source privilege handling 🧩

cybersecuritynews.com/linux-su

#Linux #Sudo #FOSS #CyberSecurity #InfoSec #OpenSource #Vulnerability #Root #Exploit #SysAdmin #DevSecOps #Tech @TechNews

Cyber Security News · Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root: A security vulnerability in the widely used Linux Sudo utility has been disclosed, allowing any local unprivileged user to escalate privileges.

PLUS... I reveal that an AI is now the most successful bug bounty hunter in the USA, and Mark Stockley discovers an AI that can retrain itself.

Find "The AI Fix" in all good podcast apps:

🟢 Spotify: theaifix.show/spotify

🟣 Apple Podcasts: podcasts.apple.com/gb/podcast/

🛑 Pocket Casts: pca.st/itunes/1753381111

Everywhere else: theaifix.show/follow/

Critical Sudo vulnerabilities enable local privilege escalation to root

The Stratascale Cyber Research Unit are reporting two vulnerabilities in the Sudo utility, including a critical flaw (CVE-2025-32463) that allows unprivileged users to escalate to root privileges through the chroot option by exploiting NSS library loading mechanisms.

**This is a nasty flaw. If you have multiple user roles on your linux systems or are running services as non-root, make sure to update your Linux systems' Sudo utility to version 1.9.17p1 or later. The exploit vector is possible if someone already has local access to the system, which can either be through direct credentials or through breaching a vulnerable service that's running as non-root.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

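Both Sudo posts above reduce to two operational tasks: confirm every host is on 1.9.17p1 or later, and find out whether anyone has already been invoking sudo with the chroot option. The Python below is an added example (not Stratascale's research code or anything from the sudo project) covering both. The version parser treats the `pN` patch-level suffix as a fourth component, so that 1.9.17 sorts below 1.9.17p1, which a plain string compare would get wrong. The log scanner assumes sudo 1.9.x writes a `CHROOT=<dir>` field into its syslog line when `-R` is used, alongside the usual `TTY=`/`PWD=`/`USER=`/`COMMAND=` fields; the log lines are constructed samples, not captured from a real host.

```python
import re

# Fixed release named in both posts. The page does not state the earliest
# affected release, so anything older than this is flagged for attention.
PATCHED = "1.9.17p1"

# Constructed sudo syslog lines (not captured from a real host). The second
# one is what a chroot (-R) invocation by an unprivileged user is assumed to
# look like; the third is a pam_unix session line that must not match.
SAMPLE_LOG = [
    "Jul  1 09:12:01 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; "
    "USER=root ; COMMAND=/usr/bin/systemctl restart nginx",
    "Jul  1 09:13:44 web01 sudo:      bob : TTY=pts/1 ; CHROOT=/tmp/.x ; "
    "PWD=/tmp ; USER=root ; COMMAND=/usr/bin/id",
    "Jul  1 09:14:02 web01 sudo: pam_unix(sudo:session): session opened "
    "for user root(uid=0) by bob(uid=1001)",
]

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")

# Field order between TTY= and COMMAND= is not relied on; only CHROOT= must
# precede COMMAND=, which holds for sudo's single-line log format.
SUDO_LOG_RE = re.compile(
    r"sudo:\s+(?P<user>\S+)\s+:.*?;\s+CHROOT=(?P<chroot>\S+)\s+;"
    r".*?;\s+COMMAND=(?P<cmd>.+)$"
)


def parse_sudo_version(text: str) -> tuple:
    """Turn 'Sudo version 1.9.17p1' (or a bare '1.9.16p2') into a comparable
    tuple (major, minor, patch, p-level). A missing 'pN' suffix counts as p0."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def is_vulnerable(version_text: str) -> bool:
    """True when the reported version sorts below 1.9.17p1. Distributions
    that backport the fix without bumping the version string will show as
    vulnerable here; check the package changelog for those."""
    return parse_sudo_version(version_text) < parse_sudo_version(PATCHED)


def chroot_invocations(lines) -> list:
    """Return (user, chroot_dir, command) for every sudo log line that records
    a chroot (-R) invocation. Any hit from a non-admin account on a host that
    was unpatched at the time deserves a closer look."""
    hits = []
    for line in lines:
        m = SUDO_LOG_RE.search(line)
        if m:
            hits.append((m.group("user"), m.group("chroot"), m.group("cmd").strip()))
    return hits


if __name__ == "__main__":
    for v in ("Sudo version 1.9.16p2", "Sudo version 1.9.17", "Sudo version 1.9.17p1"):
        print(f"{v}: {'UPDATE' if is_vulnerable(v) else 'ok'}")
    for user, chroot, cmd in chroot_invocations(SAMPLE_LOG):
        print(f"chroot use by {user}: CHROOT={chroot} COMMAND={cmd}")
```

On a live host, feed `parse_sudo_version` the first line of `sudo --version` and `chroot_invocations` the output of `journalctl -t sudo` or the auth log, one line per entry.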

Researchers report Bluetooth flaws that enable remote eavesdropping, device hijacking

German cybersecurity researchers report critical vulnerabilities in Airoha Bluetooth system-on-chip technology affecting millions of headphones, earbuds, and speakers from major brands like Sony, Marshall, JBL, and Bose, allowing attackers within 10-meter range to remotely eavesdrop on conversations, hijack device connections, and access sensitive data without authentication.

**Be aware that your Bluetooth headphones and speakers from Sony, Marshall, JBL, Bose or other vendors may be critically vulnerable to remote eavesdropping attacks. There is no immediate patch, so check regularly for firmware updates becoming available and in the meantime avoid using them in (or even bringing them into) sensitive environments. If you are a journalist, diplomat, or work in a sensitive business, consider not using them at all or regularly unpairing Bluetooth devices from your phone when not needed.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai
