{"uuid": "e84b3f49-ea56-4cfa-9dad-9193ad096146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32701", "type": "exploited", "source": "https://t.me/CyberUnderworlds/8", "content": "\ud83c\udf11 @CyberUnderworlds | Echoes from the Digital Void \ud83c\udf11\nMay 28, 2025 \u2013 The digital battlefield never sleeps, and today\u2019s whispers bring fresh tales of chaos and cunning. Behold the latest from the cybersecurity abyss:\n\n\ud83c\udde8\ud83c\uddf3 Taiwan-China Cyber Tensions Escalate: China accuses Taiwan of targeting a tech firm with a cyberattack, while Taiwan calls it a disinformation ploy. A high-stakes shadow war unfolds in the East.\n\n\ud83e\udda0 DarkCloud Stealer Emerges: A new wave of DarkCloud Stealer malware targets government organizations, extracting sensitive data since January 2025. Chihuahua and Pentagon Stealers join the fray, lurking in the wild.\n\n\ud83c\udfe6 JPMorgan\u2019s SaaS Warning: CISO Pat Opet sounds the alarm on OAuth-based SaaS vulnerabilities, highlighting risks from fourth-party vendors. Implicit trust in app connections is a ticking time bomb.\n\n\ud83c\uddec\ud83c\udde7 UK Legal Aid Breach: Hackers infiltrate Britain\u2019s Legal Aid Agency, stealing personal data, including criminal records, since 2010. Addresses, IDs, and financial details are now in the wrong hands.\n\n\ud83d\udee1\ufe0f Pentesting Crisis: Pentera\u2019s 2025 State of Pentesting Report reveals only 14% of CISOs trust government support for cyber challenges, with 59% adopting solutions driven by cyber insurance demands.\n\n\u26a0\ufe0f Microsoft\u2019s Zero-Day Fixes: Five actively exploited zero-days (CVE-2025-30397, CVE-2025-30400, CVE-2025-32701, CVE-2025-32706, CVE-2025-32709) patched in May 2025, targeting Windows vulnerabilities. Act fast or fall prey.\n\n\ud83c\udf10 Fourth-Party Risk Looms: Trellix\u2019s April 2025 Cyberthreat Report warns of evolving attack chains exploiting supply chain weaknesses, targeting cybersecurity tools themselves to erode defenses from within.\n\n@CyberUnderworlds \u2013 #CyberUnderworlds", "creation_timestamp": "2025-05-28T09:48:56.000000Z"}