Patch/Configuration Management

Envoy Air is the second organization confirmed to have been exposed to Clop attacks.

BleepingComputer reports that updates have been issued by Gladinet for a local file inclusion flaw impacting its CentreStack business solution, tracked as CVE-2025-11371, which has been leveraged in zero-day intrusions since late September.

Intrusions with Cisco SNMP bug facilitate Linux rootkit deployment Older Linux systems have been compromised with rootkits in attacks involving the exploitation of a high-severity Cisco IOS and IOS XE Simple Network Management Protocol vulnerability, tracked as CVE-2025-20352, part of the Operation Zero Disco campaign, reports Security Affairs.

The flaw could enable both authentication bypass and remote code execution; added to CISA KEV list.

Senate Committee on Health, Education, Labor, and Pensions Chair Bill Cassidy, R-La., has called on Cisco Systems to provide more transparency about the impact of recent cybersecurity vulnerabilities, tracked as CVE-2025-20362 and CVE-2025-30333, that led to an emergency federal directive last month, reports The Record, a news site by cybersecurity firm Recorded Future.

Claroty shows how Linux shell commands can be executed as root without authentication.

Attackers can exploit the flaw to take complete control of vulnerable SAP servers without a log-in.

Source code and information about undisclosed vulnerabilities were stolen in the attack.