Google has rolled out an urgent security patch for its Chrome browser, addressing five vulnerabilities that could enable attackers to execute malicious code remotely.
The update, version 142.0.7444.134/.135 for Windows, 142.0.7444.135 for macOS, and 142.0.7444.134 for Linux, targets critical flaws in core components like WebGPU and the V8 JavaScript engine.
The patch arrives amid heightened scrutiny of browser security, as WebGPU, a modern API for GPU-accelerated web applications, has become a prime target for sophisticated exploits.
Remote code execution vulnerabilities in such components could allow malicious websites to hijack user systems without any interaction beyond visiting a compromised page.
Google emphasized that the fixes were developed in collaboration with external researchers, preventing these issues from reaching a wider audience. The update will propagate gradually over the coming days and weeks to ensure stability across millions of devices worldwide.
Key Vulnerabilities Patched in Chrome 142
Among the five security fixes, three stand out for their high severity, including the out-of-bounds write in WebGPU and inappropriate implementations in V8 and Views.
These flaws, if unpatched, could lead to memory corruption, enabling attackers to run arbitrary code, steal sensitive data, or install malware. The remaining two medium-severity issues affect the Omnibox address bar, potentially exposing users to phishing or injection risks.
For a detailed breakdown, the following table summarizes the CVEs, their severity, affected components, and technical details based on Google’s disclosures:
CVE ID
Severity
Affected Component
Description and Impact
CVSS v3.1 Score (Estimated)
Reported By
Date Reported
CVE-2025-12725
High
WebGPU
Out-of-bounds write flaw allowing memory corruption and remote code execution via malicious web content. Affects rendering of GPU-accelerated graphics in web apps.
8.8 (High)
Anonymous
2025-09-09
CVE-2025-12726
High
Views
Inappropriate implementation leading to UI manipulation and potential remote code execution through crafted web pages. Impacts browser’s visual rendering engine.
8.1 (High)
Alesandro Ortiz
2025-09-25
CVE-2025-12727
High
V8
Inappropriate implementation in JavaScript engine enabling heap corruption and remote code execution. Exploitable via specially crafted scripts on websites.
8.8 (High)
303f06e3
2025-10-23
CVE-2025-12728
Medium
Omnibox
Inappropriate implementation allowing address bar spoofing, which could facilitate phishing attacks. No direct code execution but aids social engineering.
6.5 (Medium)
Hafiizh
2025-10-16
CVE-2025-12729
Medium
Omnibox
Similar implementation flaw in address bar, enabling URL manipulation for deceptive user interfaces.
6.1 (Medium)
Khalil Zhani
2025-10-23
These estimates for CVSS scores align with typical ratings for similar browser flaws, emphasizing the urgency of the high-severity issues. Google has restricted full bug details until most users update, a standard practice to limit exploit development.
This update highlights the vulnerabilities inherent in modern web standards like WebGPU, which promise enhanced performance for gaming and AI applications but introduce new attack surfaces.
V8, powering Chrome’s JavaScript execution, remains a frequent target due to its ubiquity across web ecosystems. Security tools such as AddressSanitizer and libFuzzer played a crucial role in detecting these bugs during development, showcasing proactive measures in Chromium’s pipeline.
Users should immediately check for updates via Chrome’s settings menu under “About Chrome” to apply the patch. Enterprises relying on Chrome for corporate environments are advised to enforce auto-updates and monitor for signs of exploitation, such as unusual browser crashes or network anomalies.
As cyber threats evolve, this incident serves as a reminder of the importance of timely patching in safeguarding digital lives.
HONOLULU—Pacific Air Forces’s massive REFORPAC exercise in the Pacific this summer “identified the capabilities that we need to win in this theater,” the command’s deputy leader said last week: namely, artificial intelligence, autonomy, machine learning; improved command and control capabilities; and resilient cyber networks “that can communicate securely in expeditionary environments and survive relentless attacks.”
Speaking at the AFCEA TechNet Indo-Pacific conference, Lt. Gen. Laura Lenderman said that while “revisionist autocracies” want to “upend the security, freedom, and prosperity” of the Indo-Pacific, there is “another chapter we’re writing…filled with optimism and clarity, that strengthens deterrence, inspires progress and reinforces our shared vision of the future.”
That vision was “on full display” during Exercise Resolute Pacific, Lenderman said.
The exercise included 4,000 sorties at 50 locations that spanned 6,000 miles. Shortly after it kicked off in July, Pacific Air Forces Commander Gen. Kevin Schneider said in an interview that this region “is critically important, not only to the nations in the region that touch the Pacific Ocean, but to the world.”
However, Schneider said, “from an operational perspective, the geography of this theater is incredibly challenging…so, our ability to command and control, to operate, to move with speed, scale, and agility across the vastness of this area is probably the most challenging thing that we do in not only the United States Air Force, but across all branches of the United States military.”
Maj. Gen. Anthony Mastalir, who was then commander of U.S. Space Forces Indo-Pacific, noted in the same July interview that space capabilities are also critical in the theater.
“If you’re going to project power, you have to have space. Space is the force multiplier that will allow us to project power great distances. So being able to close those gaps over the vast Pacific Ocean…in this theater, space superiority over the INDOPACOM AOR is a precondition for Joint Force success, period.”
In REFORPAC and Resolute Space, an exercise that ran concurrently, tested the ability of airmen and guardians “to conduct sustained, complex military operations involving large numbers of forces in situations where we contested air and space superiority, power projection, and global mobility, Lenderman said.
It was also critical training, Command Sgt. Major Katie McCool, command chief for Pacific Air Forces, said in July. “We want our airmen to be prepared on Day One to go into any type of contingency and be able to execute,” she said. And while those airmen and guardians are learn concepts and tactics in their initial training, “you cannot recreate the conditions there that we have here, from small islands to Alaska.”
Command Sgt. Maj. Jason Childers, the senior enlisted leader for U.S. Space Forces Indo-Pacific, had a similar take.
“You have Guardians that usually sit inside of ops centers located and distributed around the world, often not even seeing the light of day, working 24/7, operating systems that are in the space domain, so they can’t really see, taste, touch, hear, or smell the environment that they’re operating in. So, to be able to conduct exercises like this… certainly helps to robust and enhance our readiness.”
When Defense Secretary Pete Hegseth takes the National War College stage to talk about proposed acquisition reforms on Friday, he will have the full attention of many companies aiming to boost their sales to the Pentagon. The list includes both newer and more established defense contractors, as well as notable consumer tech companies like Facebook parent company Meta and consumer AI company Anthropic.
At least some of Hegseth’s proposed changes are laid out in a six-page draft memo to senior Pentagon leaders, combatant commanders, and defense agency directors. Defense One obtained a copy of the draft memo, which has been circulating in the runup to his Nov. 7 speech. Six of the company invitees, under condition of anonymity, did tell Defense One that they plan to attend the event. An official at one attending company said the expectation among the invitees is that it would be a “listening session,” (similar to the speech Hegseth delivered to a room of reticent general and flag officers in September.)
The memo, which draws attention to “unacceptably slow acquisition fielding times” represents a dramatic restructuring of the way the Pentagon buys and builds things, moving away from the sorts of large-scale, multi-year programs that produce fighter jets, aircraft carriers, tanks, and personnel carriers, toward smaller, faster contracting vehicles, which are more representative of software design and re-design.
The list includes the so-called prime defense contractors such as Lockheed Martin, Northrop Grumman, GDIT, and Boeing. But it also includes a good sampling of the newer defense startups, such as ShieldAI, which specializes in drones as well as autonomy software, and drone-maker Anduril. Both work in an ongoing way with Ukrainians, who are forced to update and change drone designs and tactics at speeds far faster than the typical plodding pace of established defense contractors working with the government.
Major cloud companies such as Google, Microsoft, AWS, and Oracle are also on the list, and are all part of the Pentagon’s $9 billion dollar Joint Warfighting Cloud Capability cloud contract and data software maker Palantir. Among the other notable invitees are AI company Anthropic, which, along with Google Cloud and others, received $200 million from the Pentagon in July for AI research efforts, and Meta.
Some experts see promise in the sweeping acquisition reforms prescribed by a draft Pentagon memo that is circulating ahead of the defense secretary’s planned Friday speech on the topic, but others see risk.
Defense One reviewed and verified a copy of the six-page draft on Tuesday, which pitched the overhaul as a “historic opportunity to restore deterrence in the face of an increasingly dangerous security environment” by cutting internal review processes, reorganizing acquisitions efforts, and doling out harsher punishments for companies that go over budget on defense contracts.
Kingsley Wilson, a Pentagon spokesperson, said the Defense Department would not comment on the “pre-decisional” document.
The draft memo, addressed to combatant commanders and senior Pentagon leaders, says, “Today’s unacceptably slow acquisition fielding times stem from three systemic challenges: fragmented accountability where no single leader can make trades between speed, performance and cost; broken incentives that reward completely satisfying every specification at significant cost to on time delivery; and procurement patterns that disincentivize industry investment, leading to constrained industrial capacity that cannot surge or adapt quickly.”
The draft memo lays out several initiatives, including creating “Portfolio Acquisition Executives” who will have more autonomy over major program decisions, relying on “scorecards” to evaluate each portfolio’s progress, and levying “time-indexed incentives” to keep defense contractors on time and on budget. It also orders the office of the defense undersecretary for acquisition and sustainment to issue guidance for cross-cutting transformation within 45 days. Within 60 days, each military department is required to submit their implementation plans.
Politico first reported on the draft memo, which has emerged ahead of Defense Secretary Pete Hegseth’s scheduled address to top defense industry leaders on Friday. The Trump administration has made acquisition reform a top priority, with a Pentagon memo on fast software buying and a flurry of White House executive orders earlier this year.
Lawmakers, defense-budget analysts, and former officials say the acquisition process has long needed an overhaul. Many defense programs blow their budgets and schedules. Last year, the Air Force’s Sentinel ICBM program ran 81 percent over initial cost estimates, breaking the Nunn-McCurdy Act threshold. Before that, the Pentagon paid Lockheed Martin on-time bonuses for F-35s delivered late.
But some said methods prescribed in the draft memo could reduce the quality of procured goods and lead to more, not fewer, cost overruns.
Todd Harrison, a defense budgeting expert and senior fellow at the American Enterprise Institute, pointed to the “time-indexed incentives” espoused in the memo.
“That is a huge change from things like fixed-price contracts that incentivize controlling costs,” Harrison said. “It's a big shift towards holding contractors responsible for keeping to schedule, but it comes with some big risks. It may incentivize companies to deliver poor-quality products before they are ready for prime time just to stay on schedule and not be penalized for being late.”
One former defense official had “some concerns” about the discouragement of Federal Acquisition Regulation-based contracts, which they said could lead companies to promise unrealistically quick deliveries.
“I'm not sure, honestly, that it's going to have the desired effects, but I do think that that's notable,” the official said.
Change on the horizon?
But others hailed the memo’s emphasis on a more portfolio-based approach, which is intended to enable smoother shifting of money between programs as technology and needs change.
Arnold Punaro, a defense consultant and former staff director for the Senate Armed Services Committee, welcomed the “ambitious” suite of reforms outlined in the memo, along with recent changes to federal acquisition regulations and the requirementsprocess and yet more changes proposed in the draft National Defense Authorization Act.
"If fully implemented, these reforms will finally break the long-standing paradigm that has defined and constrained defense acquisition for decades and replace it with a model that delivers greater capability, faster, and at lower cost,” Punaro said by email.
Lawmakers in Congress have long called for acquisition reforms, though they have also expressed reluctance to allow the Pentagon to move money around without their approval.
Rep. Donald Norcross, D-New Jersey, told Defense One that fellow members of the House Armed Services Committee have been working for nearly two years on defense acquisition reform, but also highlighted the need to keep costs low and quality high.
“It is encouraging to see that the Secretary of Defense wants to improve the speed at which we deliver capabilities to our warfighters, a critical national security challenge in need of reform,” Norcorss told Defense One in an emailed statement, “but we cannot lose sight of the importance of also delivering better capabilities at a reasonable cost to American taxpayers."
Overall, the memo echoes recommendations various people and organizations have offered over the years. But there’s still a “bold” element, especially in the tight implementation timelines, said Eric Fanning, the president and chief executive officer of the Aerospace Industries Association.
“As we're looking at this, there's not necessarily any big, new things [the administration] haven't been talking about already. But it's still bold because they have packaged it together, to me, in a really interesting, exciting way. There's no ‘new industry versus old industry.’ There's no ‘government versus the industrial base.’ It's a forward-looking draft that has a lot of things in it that I think Pentagon officials, acquisition officials have been excited about [across] administrations—from both parties—for a long time,” Fanning said. “I think they're focused on the right things: accountability, incentives, and procurement patterns.”
That means driving the defense industrial base and government workers to move quickly, while also encouraging private investment.
“We've got a system right now that discourages investment because they don't know if there's a return on investment over the horizon. So I read the memo and got pretty excited about it,” Fanning said.
A new incentive structure could foster more competition, holding companies accountable for program delays and push the Pentagon to eliminate chokepoints on their side.
“It's okay to penalize [a company for] being behind schedule if there's two elements to it: the Pentagon is balancing a reward for being ahead of schedule and, if there’s a delay, the Pentagon is bringing that company in and saying ‘you're behind schedule, tell me why’” and then if it’s the government’s fault saying “we'll fix that.”
That dovetails into the memo’s directive to shake up how the Pentagon trains contracting workers.
“You need to teach the Pentagon workforce what authorities they have, teach them that they're going to be held accountable for delivery…because that's really what's going to be the most critical. And so when you're holding companies accountable for timelines, you're also holding yourself accountable for timelines hopefully,” Fanning said.
And if it works the result will be “everybody identifying what is slowing you down instead of what could go wrong.”
OTAs and other changes
Other pointed to other important changes: a mandate for dual-sourcing many purchases, so multiple contractors can provide urgently needed technologies; much greater use of fast-track contracting methods like Other Transactions Authorities that use smaller awards to bypass traditional rules and get money to contractors faster; and preference for modular, open-source designs, which are more adaptable and much more in line with the way the tech community designs software.
A former Defense Department official said of the new provisions in the memo, “this was necessary and we are headed in the right direction.”
A former military official who worked in drone design and purchasing described the new draft guidance as a long-overdue fix for slow, out-of-date processes, as in old rules that protect established defense prime contractors and shut smaller, more innovative players out of the Pentagon. The former official described themselves as “salty” on the issue after seeing how DOD's method of buying and building slowed the deployment of vital arms and gear.
These longstanding problems are exemplified by the many easily-defeatable drones that the United States has sent to Ukraine, the former official said.
“I've got pictures on pictures on Signal of warehouses” full of useless donated drones, he said. “They'd rather have it, even if only 10 percent of it works. They'll accept the other 90 percent of the garbage because they need it that bad.”
What new startups have long needed, the former official said, was “top cover” for risk-taking from the department. They pointed to the Defense Innovation Unit and the Fuze and University Accelerator efforts as vital Band-Aids.
The former official also said DOD often fails to provide clear demand signals, making it nearly impossible for companies to plan for workforce needs.
“No responsible executive wants to hire hundreds of people just to lay them off when Congress can’t pass a budget,” they said.
It’s just one of the ways the Pentagon’s buying process crowds out small, innovative companies in favor of larger companies that have the workforce and processes to weather lags in budget approval.
A boost to new players
The new guidance follows two other key steps the Pentagon has taken to speed tech buying; a March memo that prioritizes the purchase of dual-use technology and already-built software over software that the Pentagon would pay a contractor to write and implement for them, and July guidance that gave battalion-level commanders far more authority and influence over what they purchase by re-categorizing various types of weapons, such as drones, more like bullets or artillery shells than aircraft.
Those sorts of changes are enabling a new class of defense tech startup willing to do the work, go to Eastern Europe, and develop relationships with Ukrainian front-line operators.
One such company is Aurelius Systems, a startup with 16 people, but also Ukrainian partners. Aurelius makes directed-energy weapons to take down drones, an economically-attractive alternative to missiles, especially for a country like Ukraine where both soldiers and civilians live under constant drone bombardment. They rely largely on parts and supplies that are already in the U.S. medical and industrial base, lowering cost.
“We do a lot of testing in the U.S., at test ranges with emitters that really they're not representative of that environment,” due, in part, to U.S. laws that govern the electromagnetic spectrum, said Dustin Hicks, the company’s head of growth. So experience in Ukraine has been invaluable, an impression that is shared by U.S. commanders in the region, such as NATO Supreme Commander U.S. Gen. Alexus Grynkewich,
Right: Aurelius Systems founder Michael LaFramboise
Michael LaFramboise, the company’s 29-year-old founder, told Defense One on Tuesday that “We started our company doing a ton of user research with Ukrainian frontline operators, seeing what was being used, what was coming down the pike, and kind of what their development cycle is like. That was the initial genesis of the company, getting a glimpse into what the next conflict might look like.”
LaFamboise didn’t speak directly to the memo, but he said private capital markets are now much more interested in funding new defense tech startups, lessening the financial burden of having to do research and development. But, in terms of testing which products actually work in a real-world environment, Ukraine is providing a real advantage for those American firms willing to work with them.
“For the Ukrainians, obviously, there is [a huge need] to revamp how you do military development,” he said. “They’re willing to take risks.”
European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations.
Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak sites, representing a 13% year-over-year increase in attacks.
The region now accounts for nearly 22% of all global ransomware victims tracked, making it the second most targeted region after North America.
Organizations in the United Kingdom, Germany, Italy, France, and Spain have borne the brunt of these attacks, with manufacturing, professional services, and technology sectors experiencing the heaviest losses.
The surge in ransomware activity across Europe stems from several factors that make the region particularly attractive to threat actors.
Cybercriminals have weaponized the European Union’s General Data Protection Regulation, threatening to report victims for regulatory noncompliance during ransom negotiations.
The financial incentive remains substantial, as Europe hosts five of the world’s ten most valuable companies, enabling threat actors to demand significant ransoms based on organizational revenue.
Additionally, some adversaries have expressed political motivations, with certain groups supporting geopolitical conflicts and cooperating with hybrid threat actors for mutual benefit.
CrowdStrike researchers noted that adversaries are employing increasingly sophisticated tactics to maximize their impact.
During the reporting period from January 2024 to September 2025, threat actors heavily utilized credential dumping from backup and restore configuration databases, which often contain access to hypervisor infrastructure.
The attackers frequently executed ransomware from unmanaged systems lacking endpoint detection and response software, enabling them to remotely encrypt files while evading traditional security measures.
DLS entries by country, sector, and time period (Source – CrowdStrike)
One particularly concerning trend involves the deployment of Linux ransomware targeting VMware ESXi infrastructure, allowing adversaries to compromise entire virtualized environments simultaneously.
The underground ecosystem supporting these operations has proven remarkably resilient despite law enforcement efforts.
Russian-language forums such as Exploit and XSS facilitate collaboration among threat actors, offering initial access brokers, malware-as-a-service providers, and even violence-as-a-service operations.
English-language platforms like BreachForums have created accessible marketplaces where adversaries exchange compromised credentials, tooling, and intelligence.
These forums employ trust-building mechanisms including escrow services and reputation systems, creating a professional criminal economy that lowers the barrier to entry for aspiring attackers.
Evolution of Attack Techniques and AI Integration
The integration of artificial intelligence capabilities has transformed how threat actors conduct their operations across Europe.
Adversaries are leveraging large language models to craft more convincing phishing content and generate polymorphic code that evades signature-based detection systems.
CrowdStrike researchers identified campaigns where threat actors utilized AI-powered tools to automate reconnaissance activities, enabling them to scan thousands of potential targets and identify vulnerable systems at unprecedented speed.
The sophistication extends to social engineering operations, where adversaries employ AI-generated voice synthesis for vishing campaigns that convincingly impersonate legitimate help desk personnel.
Voice phishing has emerged as a significant threat vector, with nearly 1,000 vishing-related incidents observed globally during the reporting period.
Although most incidents currently impact North America, CrowdStrike researchers noted that vishing will likely become more prevalent in Europe as adversaries recruit native speakers of target languages.
Sophisticated groups like SCATTERED SPIDER have demonstrated the effectiveness of this approach, averaging just 35.5 hours between initial access and ransomware deployment in 2024, with one mid-2025 incident compressed to approximately 24 hours.
The adversary’s April 2025 campaign against UK-based retail entities showcased the evolution of these tactics, including a possible close-access operation attempting to recruit individuals for onsite Wi-Fi compromise.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
A privilege escalation flaw in Windows Cloud Files Mini Filter Driver has been discovered, allowing local attackers to bypass file write protections and inject malicious code into system processes.
Security researchers have uncovered CVE-2025-55680, a high-severity privilege-escalation vulnerability in the Windows Cloud Files Mini Filter Driver.
The flaw exists in the Cloud Files Filter (cldsync.sys) driver’s handling of file path validation during placeholder file creation operations.
Specifically, the vulnerability resides in the call chain: HsmFltProcessHSMControl → HsmFltProcessCreatePlaceholders → HsmpOpCreatePlaceholders.
Microsoft previously patched a similar file write vulnerability reported by Project Zero in 2020. However, the current implementation contains a critical logical flaw.
While Microsoft added code to prevent backslash ($$ and colon (:)) characters in file paths from being used to block symbolic link attacks, the validation check can be bypassed through a Time-of-Check Time-of-Use (TOCTOU) race condition.
Attackers can modify the path string in kernel memory between the validation check and the actual file operation, allowing malicious paths to pass through security controls.
How the Exploit Works
The exploitation technique requires multiple coordinated steps. First, attackers start the Remote Access Service (rasman) and create a cloud file sync root using the Cloud Files API.
Next, they connect to the Cloud Files Filter driver through DeviceIoControl calls and establish a communication port with the filter manager.
The attacker then creates a thread that continuously modifies a path string in kernel memory, changing it from an innocent filename to a symbolic link pointing to system directories like C:\Windows\System32.
While one thread performs file-creation operations, another thread rapidly modifies the memory location, exploiting the race condition window between the security check and file creation.
CVE ID
Vulnerability Type
Affected Component
CVSS Score
CVE-2025-55680
Privilege Escalation
Windows Cloud Files Mini Filter Driver (cldsync.sys)
7.8
When the timing aligns perfectly, the driver creates files with elevated kernel-mode access privileges, bypassing standard access controls.
Attackers weaponize this by writing malicious DLLs, such as rasmxs.dll, into protected system directories. Leveraging RPC calls to force privileged services to load the compromised library, resulting in complete system compromise, as reported by ssd-disclosure.
This vulnerability represents a serious privilege escalation risk for Windows systems. The attack requires local system access but delivers complete privilege escalation capabilities.
Any authenticated user can potentially exploit this flaw to gain SYSTEM-level privileges and maintain persistence through legitimate system processes.
Organizations running vulnerable Windows versions should prioritize patching immediately, as the exploitation technique is straightforward and reliable.
October 2025 marked a notable escalation in cyber threats, with phishing campaigns and ransomware variants exploiting trusted cloud services to target corporate credentials and critical infrastructure.
Attackers increasingly abused platforms like Google, Figma, and ClickUp for credential theft, while LockBit’s latest iteration extended its reach to virtualized environments.
These incidents, analyzed by cybersecurity firms such as ANY.RUN underscores the need for behavioral detection beyond static indicators.
Phishing attacks in October heavily relied on legitimate services to evade traditional filters, starting with a campaign mimicking Google Careers job offers.
Emails lured victims with fake application pages, routing through Salesforce redirects and Cloudflare Turnstile CAPTCHAs before harvesting credentials via domains like satoshicommands.com.
This multi-step attack chain targeted tech and consulting sectors, exploiting brand trust to enable account takeovers and data exfiltration.
Similarly, Figma’s public prototypes became a vector for Microsoft-themed phishing, where shared “document” invites led to fake login pages, here is the attack analysis.
Groups like Storm-1747 drove nearly half of these attacks, using Figma’s trusted domain to embed interactive lures that bypassed email security. Victims encountered CAPTCHAs and redirects to credential-stealing sites, often linked to operators such as Mamba.
ClickUp faced abuse as a redirector, with phishing emails directing users to doc.clickup.com, then hopping to Microsoft microdomains and Azure Blob Storage for final payload delivery. This chain mimicked collaboration traffic, making it hard for whitelists to flag, and resulted in widespread credential compromises.
A standout development was TyKit, a reusable phishing kit first spotted in May 2025 but peaking in October. It hid obfuscated JavaScript in SVG files, using eval functions and Base64 encoding to redirect users to Microsoft 365 impersonators.
Affecting finance, government, and telecom across multiple regions, TyKit employed anti-debugging and staged C2 checks for evasion, leading to hundreds of account thefts via AitM techniques.
Ransomware Targets Diverse Operating Systems
LockBit 5.0 emerged as a cross-platform threat on the ransomware front, celebrating the group’s sixth anniversary by expanding beyond Windows to Linux and VMware ESXi.
The variant analysis featured enhanced obfuscation, DLL reflection, and anti-analysis routines, allowing rapid encryption of virtual machines and datastores.
This enabled affiliates to disrupt entire data centers, with randomized extensions and log clearing complicating response efforts.
The ESXi build was particularly alarming, targeting hypervisors to encrypt multiple VMs simultaneously, while Linux and Windows versions included region-based restrictions and service terminations.
Attacks hit enterprises in Europe, North America, and Asia, amplifying downtime and financial losses through shared infrastructure tactics.
Security teams must prioritize sandbox detonation for SVG and redirect analysis, as static tools miss these behaviors. Implementing phishing-resistant MFA, monitoring for suspicious domains like segy.zip or hire.gworkmatch.com, and integrating threat intelligence feeds can mitigate risks.
Regular backups, VPN-enforced access, and behavioral monitoring in sandboxes like ANY.RUN’s reduce mean time to response, turning isolated indicators into proactive rules. As attackers refine cloud abuse, organizations should rehearse playbooks to counter the next surge.
Catch attacks early with instant IOC enrichment and interactive sandbox => Try Now
A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks.
The flaw, tracked as CVE-2025-11749 with a CVSS score of 9.8, allows unauthenticated attackers to extract bearer tokens and gain complete administrative control over vulnerable WordPress sites.
Security researcher Emiliano Versini discovered the vulnerability on October 4, 2025, and responsibly reported it through the Wordfence Bug Bounty Program, earning a bounty of $2,145.
The vulnerability centers on a sensitive information exposure issue that affects all versions of AI Engine up to and including 3.1.3.
When site administrators enable the ‘No-Auth URL’ feature in the Model Context Protocol (MCP) settings, the plugin inadvertently exposes bearer tokens through the /wp-json/ REST API index.
These tokens serve as authentication credentials for the MCP integration, which enables AI agents like Claude and ChatGPT to control WordPress websites by executing commands, managing media files, and editing user accounts.
Wordfence researchers identified the root cause in the plugin’s REST API route registration process.
The vulnerable code registers No-Auth URL endpoints without setting the ‘show_in_index’ parameter to false, making these endpoints publicly accessible.
Once attackers extract the exposed bearer token from the API index, they can authenticate themselves to the MCP endpoint and execute commands such as ‘wp_update_user’ to escalate their privileges to administrator level.
With administrative access secured, threat actors can upload malicious plugins containing backdoors, modify website content to inject spam, or redirect visitors to harmful sites.
Technical Breakdown of the Exploitation Process
The vulnerability exists within the Meow_MWAI_Labs_MCP class where the plugin registers REST API routes using the rest_api_init() function.
The critical flaw emerges when the No-Auth URL setting is enabled. The code registers special endpoints that include the bearer token directly in the URL path, designed to allow AI agents access without traditional authentication. However, the registration fails to hide these endpoints from the public REST API index.
An unauthenticated attacker can simply navigate to /wp-json/ on a vulnerable WordPress site to view all registered REST API endpoints.
Sites with No-Auth URL enabled will expose endpoints containing the bearer token in their path structure.
The attacker can then use this token to authenticate requests to the MCP endpoint and execute privileged operations.
Plugin developer Jordy Meow addressed the vulnerability in version 3.1.4 by adding the ‘show_in_index’ => false parameter to prevent the endpoints from appearing in the public index.
However, site administrators who previously had No-Auth URL enabled must rotate their bearer tokens immediately, as the exposed credentials may have already been compromised.
Wordfence deployed firewall rules for Premium, Care, and Response users on October 15, 2025, while free users will receive protection on November 14, 2025.
The firewall detects malicious REST API actions targeting the MCP endpoint and blocks exploitation attempts.
Site owners should update to AI Engine version 3.1.4 immediately and regenerate their bearer tokens through the plugin settings to ensure complete protection against this critical vulnerability.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
Seven critical vulnerabilities in OpenAI’s ChatGPT, affecting both GPT-4o and the newly released GPT-5 models, that could allow attackers to steal private user data through stealthy, zero-click exploits.
These flaws exploit indirect prompt injections, enabling hackers to manipulate the AI into exfiltrating sensitive information from user memories and chat histories without any user interaction beyond a simple query.
With hundreds of millions of daily users relying on large language models like ChatGPT, this discovery highlights the urgent need for stronger AI safeguards in an era where LLMs are becoming primary information sources.
The vulnerabilities stem from ChatGPT’s core architecture, which relies on system prompts, memory tools, and web browsing features to deliver contextual responses.
OpenAI’s system prompt outlines the model’s capabilities, including the “bio” tool for long-term user memories enabled by default and a “web” tool for internet access via search or URL browsing.
Memories can store private details deemed important from past conversations, while the web tool uses a secondary AI, SearchGPT, to isolate browsing from user context, theoretically preventing data leaks.
However, Tenable researchers found that SearchGPT’s isolation is insufficient, allowing prompt injections to propagate back to ChatGPT.
browsing via Search GPT
Novel Attack Techniques Exposed
Among the seven vulnerabilities, a standout is the zero-click indirect prompt injection in the Search Context, where attackers create indexed websites tailored to trigger searches on niche topics.
Here are short summaries of all seven ChatGPT vulnerabilities discovered by Tenable Research:
Indirect Prompt Injection via Browsing Context: Attackers hide malicious instructions in places like blog comments, which SearchGPT processes and summarizes for users, compromising them without suspicion.
Zero-Click Indirect Prompt Injection in Search Context: Attackers index websites with malicious prompts that trigger automatically when users ask innocent questions, leading to manipulated responses without any user clicks or interaction.
One-Click Prompt Injection via URL Parameter: Users clicking on crafted links (e.g., chatgpt.com/?q=malicious_prompt) unknowingly cause ChatGPT to execute attacker-controlled instructions.
url_safe Safety Mechanism Bypass: Attackers leverage whitelisted Bing.com tracking links to sneak malicious redirect URLs past OpenAI’s filters and exfiltrate user data, even circumventing built-in protections.
Conversation Injection: Attackers inject instructions into SearchGPT’s output that ChatGPT reads and executes from conversational context, effectively prompting itself and enabling chained exploits.
Malicious Content Hiding: By abusing a markdown rendering flaw, attackers can hide injected malicious prompts from the user’s view while keeping them in model memory for exploitation.
Persistent Memory Injection: Attackers manipulate ChatGPT to update its persistent memory and embed exfiltration instructions so private data continues being leaked in future sessions or interactions.
Proofs of Concept and OpenAI’s Response
Tenable demonstrated full attack chains, such as phishing via blog comments leading to malicious links or image markdowns that exfiltrate info using url_safe bypasses.
In PoCs for both GPT-4o and GPT-5, attackers phished users by summarizing rigged blogs or hijacking search results to inject persistent memories that leak data perpetually. These scenarios underscore how everyday tasks like asking for dinner ideas could unwittingly expose personal details.
Tenable disclosed the issues to OpenAI, resulting in fixes for some vulnerabilities via Technical Research Advisories (TRAs) like TRA-2025-22, TRA-2025-11, and TRA-2025-06.
Despite improvements, prompt injection remains an inherent LLM challenge, with GPT-5 still vulnerable to several PoCs. Experts urge AI vendors to rigorously test safety mechanisms, as reliance on isolated components like SearchGPT proves fragile against sophisticated chaining.
As LLMs evolve to rival traditional search engines, these HackedGPT findings serve as a wake-up call for users and enterprises to scrutinize AI dependencies and implement external monitoring.
Another boat attack. The U.S. military killed two more people in an alleged drug-trafficking boat in an unspecified location off the Pacific coast of Latin America, Pentagon chief Pete Hegseth announced Tuesday with an 18-second video posted to Twitter.
“No U.S. forces were harmed in the strike, and two male narco-terrorists—who were aboard the vessel—were killed,” Hegseth said.
To date, at least 66 people have been killed in 16 strikes on 17 typically small boats. That includes nine vessels attacked in the Caribbean Sea and eight others on the Pacific side of Latin America.
Hegseth claims those in the boats are associated with a “Designated Terrorist Organization,” and that “NO cartel terrorist stands a chance against the American military,” he wrote online Tuesday. However, neither the White House nor the Defense Department has provided public evidence supporting their claims for any of the boat strikes, which the White House last week claimed are exempt from congressional oversight under the 1973 War Powers Resolution.
Panning out: “For Trump, the entire Western hemisphere is America’s,” former U.S. ambassador to NATO Ivo Daalder wrote Tuesday for Politico. “For him, the biggest threats to America today are the immigrants flooding across the country’s borders and the drugs killing tens of thousands from overdoses. And to that end, his real goal is to dominate the entire Western hemisphere — from the North Pole to the South Pole — using America’s superior military and economic power to defeat all ‘enemies,’ both foreign and domestic,” Daalder explained.
Why it matters: “Overall, Trump’s focus on dominating the Western hemisphere represents a profound shift from nearly a century’s-long focus on warding off overseas threats to protect Americans at home,” the former NATO ambassador said. “And like it or not, for Trump, security in the second quarter of the 21st century lies in concepts and ideas first developed in the last quarter of the 19th century.” More, here.
Out in Hawaii, a former Trump acting SecDef said this myopia is degrading America’s ability to deter China. Chris Miller, who ran the Pentagon in the lame-duck months of the first Trump administration, says he expected more from the second, not less. “Where’s the leadership? We spend a trillion dollars a year on national security. We can do more than one thing,” Miller said during a panel at last week’s AFCEA TechNet Indo-Pacific conference. He shared the stage with Sean Berg, a former deputy commander of Special Operations Command Pacific, who said China “is already in phase three” of a war while “we still think of ourselves in phase zero: shaping.” Defense One’s Jennifer Hlad has more, here.
Update: SecDef Hegseth’s Friday speech to defense industry leaders at the National War College in Washington is scheduled for 2 p.m. ET.
Admin note: “All media covering the event must be on the credentialed list,” the Pentagon announced in a message to reporters Wednesday. Read more about the Pentagon’s credentialed media list below the fold.
New: Gen. Kenneth Wilsbach was sworn in as the Air Force Chief of Staff this week. The service's new top uniformed leader had previously led Air Combat Command and Pacific Air Forces.
He told airmen in a brief letter made public on Tuesday that their mission was simple: “to fly and fix so we are ready to fight.” That message mirrors concerns echoed by Congress last month who urged the then-nominee to reverse the decline in aircraft readiness.
Wilsbach also said the Air Force will “advocate relentlessly for programs like the F-47, Collaborative Combat Aircraft as well as nuclear force recapitalization through the Sentinel program and the B-21,” according to the letter. Notably, he did not promise to follow lawmakers’ direction on spending the $150 billion allocated in the reconciliation bill last summer.
Welcome to this Wednesday edition of The D Brief, a newsletter dedicated to developments affecting the future of U.S. national security, brought to you by Ben Watson, Thomas Novelly and Bradley Peniston. It’s more important than ever to stay informed, so thank you for reading. Share your tips and feedback here. And if you’re not already subscribed, you can do that here. On this day in 2006, and almost three years after his capture, Saddam Hussein was sentenced to death by the Iraqi Interim Government for crimes against humanity committed during his time in office, including the 1982 massacre of 148 people.
National Guard soldiers ordered to Washington, D.C., have had their deployments extended to at least February, CNN reported last Wednesday as a court case over the matter continues to play out pitting the White House against Washington’s attorney general.
Recap: Trump ordered the troops to the nation’s capital in early August, offering false and exaggerated crime statistics to justify the Guard deployment and his takeover of the D.C. police. The deployments—totalling more than 2,300 troops so far, including soldiers from DC, Louisiana, Mississippi, Ohio, South Carolina, West Virginia, Georgia and Alabama—were initially slated to end in November. However, there were indications online suggesting U.S. officials were planning for a longer Guard presence in Washington, as Task & Purpose reported in mid-September. Meanwhile, “Soldiers, who largely have patrolled federal parks and Metro subway stations, have been spotted over recent weeks picking up trash in Washington or being heckled by city residents, including some who have played the ‘Imperial March’ from ‘Star Wars’ at them,” Task & Purpose reported Sunday.
AM dispatch from Washington: “National Guard troops patrolling DC made themselves useful this morning: Pushed a dead BMW out of traffic on Pennsylvania Avenue,” former State Department official Brian Finacune wrote on social media Wednesday. He added, “Not obvious to me however that this needed to be a military function.”
After booting nearly all of its professional journalists from the building, Trump’s Pentagon credentialed far-right activist Laura Loomer as a reporter—and she quickly began appealing for tips, which is prohibited according to the Pentagon policy she says she’d signed to obtain the credentials, Phil Stewart of Reuters pointed out in response to Loomer’s announcement on social media Tuesday.
About that updated Pentagon policy: It reads, “An advertisement or social media post by an individual journalist or media outlet that directly targets [Defense Department] personnel to disclose non-public information without proper authorization would constitute a solicitation that could lead to revocation” of press credentials, Stewart flagged.
Perspective: The Pentagon’s policy shop is a “Pigpen-like mess,” Arkansas GOP Sen. Cotton said during a routine nomination hearing Tuesday on Capitol Hill.
Background:Austin Dahmer was ostensibly before the committee to answer questions about how he would tackle the job of assistant secretary for strategy, plans, and forces—a job whose title and responsibilities have changed in ways that the committee was only told about on Sunday night, Defense One’s Meghann Myers reports. But because Dahmer has already been performing the duties of another high-level Pentagon official—and because SecDef Hegseth has restricted communication between the department and Congress, requiring every interaction be cleared through legislative affairs—a bipartisan group of senators took the opportunity to grill Dahmer on a host of recent department moves.
Sen. Cotton listed several concerns, including:
A pause in Ukrainian security assistance;
The uncoordinated review of the AUKUS agreement;
Opposition to deploying more U.S. troops to the Middle East during the Iran-Israel war in June;
The cancellation of a meeting among top Japanese and U.S. officials;
And the recent cancellation of a rotational Army brigade deployment to Romania.
“I understand that media reports can be wrong, believe me, but it just seems like there's this Pigpen-like mess coming out of the policy shop that you don't see from, say, intel and security and acquisition and sustainment,” Cotton said. Asked why the policy undersecretary’s office, led by Elbridge Colby, has been at the center of so many controversies, Dahmer blamed “fake news” and “inaccurate reporting” while claiming ignorance of details. Read the rest, here.
Update: Saudi Arabia moved one step closer to buying 48 F-35 jets after Riyadh’s request recently advanced in the Pentagon’s review process, progressing from the policy shop and now to the secretary level, Reuters reported Tuesday.
Caveat: “[N]o final decision has been made and several more steps are needed before the ultimate nod, including further approvals at the Cabinet level, sign-off from Trump and notification of Congress,” Mike Stone of Reuters writes.
Reminder: The Saudis are Washington’s biggest arms buyer, and have been seeking to purchase F-35s for several years. More, here.
.webp)
.webp)
