Tuesday, June 24, 2025

TimeLine Layout

June, 2025

  • 8 June

    CISA Issues Seven Advisories for Industrial Control Systems (ICS)

    On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight current security issues, vulnerabilities, and exploits: ICSA-25-155-01 CyberData 011209 SIP Emergency Intercom; ICSA-25-155-02 Hitachi Energy Relion 670, 650 series and SAM600-IO Product; ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update H); ICSA-25-133-02 Hitachi Energy Relion …
  • 8 June

    ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware

    A new social engineering attack uses familiar security checks to trick users into downloading malware via fake Cloudflare verification pages. The ClickFix attack technique marks a worrying shift in phishing methods, moving away from traditional file downloads to tricking users into running harmful commands on their own devices. The attack …
  • 6 June

    Fortinet flaws now exploited in Qilin ransomware attacks

    The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qilin (also tracked as Phantom Mantis) surfaced in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name and has since claimed responsibility for over …
  • 5 June

    Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

    Cisco fixed a critical vulnerability in the Identity Services Engine (ISE) that could let unauthorized attackers carry out harmful actions. The vulnerability, CVE-2025-20286 (CVSS score 9.9), affects Cisco ISE on AWS, Microsoft Azure, and Oracle Cloud. It allows unauthenticated remote attackers to access sensitive data, perform basic admin tasks, modify …
  • 5 June

    App building platform exposes over 3 million records, including PII

    Cybersecurity researcher Jeremiah Fowler discovered an unprotected database with 3,637,107 records likely from a no-code app-building platform. The unprotected database, totaling 12.2 TB and containing 3,637,107 records, included internal files, images, and spreadsheets labeled “users” and “invoices.” These documents featured names, emails, physical addresses, and payment details for users and …
  • 4 June

    CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

    IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These flaws, which vary in severity from medium to critical, can lead to remote code execution, information disclosure, and denial of service (DoS) attacks. The bulletin lists five security vulnerabilities affecting …
  • 4 June

    ALERT
    Thousands of IP addresses compromised nationwide: CIRT warns

    As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent cybersecurity alert, warning of heightened cyber threats due to reduced monitoring and operational oversight during the festive period. Current Threat Landscape: The CIRT’s Cyber Threat Intelligence Unit has detected widespread …
  • 3 June

    New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

    In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover. Initial samples mostly came from test campaigns, with a few live campaigns observed. Croco-bonus – Get Free Malware! Initial Crocodilus samples indicated operations in Europe, primarily focusing on Turkey. Recently, …
  • 3 June

    Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

    Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver that affect many chipsets and are being actively exploited in targeted attacks. The company reported two major flaws (CVE-2025-21479 and CVE-2025-21480) identified by the Google Android Security team in late January, and a third serious vulnerability (CVE-2025-27038) …
  • 2 June

    Critical RCE Flaw Patched in Roundcube Webmail

    Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher firs0v, the issue has been addressed in the latest updates for the 1.6 and 1.5 LTS versions. The security update addresses a post-authentication RCE vulnerability caused by PHP object deserialization. …