ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere.

This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in.

Read on to catch up before the next wave hits.

1. Unauthenticated RCE risk

   A high-severity security flaw has been disclosed in Redis (CVE-2025-62507, CVSS score: 8.8) that could potentially lead to remote code execution by means of a stack buffer overflow. It was fixed in version 8.3.2. JFrog’s analysis of the flaw has revealed that the vulnerability is triggered when using the new Redis 8.2 XACKDEL command, which was introduced to simplify and optimize stream cleanup. Specifically, it resides in the implementation of xackdelCommand(), a function responsible for parsing and processing the list of stream IDs supplied by the user. “The core issue is that the code does not verify that the number of IDs provided by the client fits within the bounds of this stack-allocated array,” the company said. “As a result, when more IDs are supplied than the array can hold, the function continues writing past the end of the buffer. This results in a classic stack-based buffer overflow.” The vulnerability can be triggered remotely in the default Redis configuration just by sending a single XACKDEL command containing a sufficiently large number of message IDs. “It is also important to note that by default, Redis does not enforce any authentication, making this an unauthenticated remote code execution,” JFrog added. As of writing, there are 2,924 servers susceptible to the flaw.

2. Signed malware evasion

   BaoLoader, ClickFix campaigns, and Maverick emerged as the top three threats between September 1 and November 30, 2025, according to ReliaQuest. Unlike typical malware that steals certificates, BaoLoader’s operators are known to register legitimate businesses in Panama and Malaysia specifically to purchase valid code-signing certificates from major certificate authorities to sign their payloads. “With these certificates, their malware appears trustworthy to both users and security tools, allowing them to operate largely undetected while being dismissed as merely potentially unwanted programs (PUPs),” ReliaQuest said. The malware, once launched, abuses “node.exe” to run malicious JavaScript for reconnaissance, in-memory command execution, and backdoor access. It also routes command-and-control (C2) traffic through legitimate cloud services, concealing outbound traffic as normal business activity and undermining reputation-based blocking.

3. RMM abuse surge

   Phishing emails disguised as holiday party invitations, overdue invoices, tax notices, Zoom meeting requests, or document signing notifications are being used to deliver Remote Monitoring and Management (RMM) tools like LogMeIn Resolve, Naverisk, and ScreenConnect in multi-stage attack campaigns. In some cases, ScreenConnect is used to deliver secondary tools, including other remote access programs, alongside HideMouse and WebBrowserPassView. While the exact strategy behind installing duplicate remote access tools is not clear, it’s believed that the threat actors may be using trial licenses, forcing them to switch them to avoid them expiring. In another incident analyzed by CyberProof, attackers transitioned from targeting an employee’s personal PayPal account to establishing a corporate foothold through a multi-layered RMM strategy involving the use of LogMeIn Rescue and AnyDesk by tricking victims into installing the software over the phone by pretending to be support personnel. The email is designed to create urgency by masquerading as PayPal alerts.

4. CAV operator caught

   Dutch authorities said they have arrested a 33-year-old at Schiphol for their alleged involvement in the operation of AVCheck, a counter-antivirus (CAV) service that was dismantled by a multinational law enforcement operation in May 2025. “The service offered by the suspect enabled cybercriminals to refine the concealment of malicious files each time,” Dutch officials said. “It is very important for cybercriminals that as few antivirus programs as possible are able to detect the malicious activity, in order to maximize their chances of success in finding victims. In this way, the man enabled criminals to use the malware they had developed to claim as many victims as possible.”

5. Gemini powers Siri

   Apple and Google have confirmed that the next version of Siri will use Gemini and its cloud technology in a multi-year collaboration between the two tech giants. “Apple and Google have entered into a multi-year collaboration under which the next generation of Apple Foundation Models will be based on Google’s Gemini models and cloud technology,” Google said. “These models will help power future Apple Intelligence features, including a more personalized Siri coming this year.” Google emphasized that Apple Intelligence will continue to run on Apple devices and Private Cloud Compute, while maintaining Apple’s industry-leading privacy standards. “This seems like an unreasonable concentration of power for Google, given that they also have Android and Chrome,” Tesla and X CEO Elon Musk said.

6. China bans foreign tools

   China has asked domestic companies to stop using cybersecurity software made by roughly a dozen firms from the U.S. and Israel due to national security concerns, Reuters reported, citing “two people briefed on the matter.” This includes VMware, Palo Alto Networks, Fortinet, and Check Point. Authorities have reportedly expressed concerns that the software could collect and transmit confidential information abroad.

7. RCE via AI libraries

   Security flaws have been disclosed in open-source artificial intelligence/machine learning (AI/ML) Python libraries published by Apple (FlexTok), NVIDIA (NeMo), and Salesforce (Uni2TS) that allow for remote code execution (RCE) when a model file with malicious metadata is loaded. “The vulnerabilities stem from libraries using metadata to configure complex models and pipelines, where a shared third-party library instantiates classes using this metadata,” Palo Alto Networks Unit 42 said. “Vulnerable versions of these libraries simply execute the provided data as code. This allows an attacker to embed arbitrary code in model metadata, which would automatically execute when vulnerable libraries load these modified models.” The third-party library in question is Meta’s Hydra, specifically a function named "hydra.utils.instantiate()" that makes it possible to run code using Python functions like os.system(), builtins.eval(), and builtins.exec(). The vulnerabilities, tracked as CVE-2025-23304 (NVIDIA) and CVE-2026-22584 (Salesforce), have since been addressed by the respective companies. Hydra has also updated its documentation to state that RCE is possible when using instantiate() and that it has implemented a default list of blocklisted modules to mitigate the risk. “To bypass it, set the env var HYDRA_INSTANTIATE_ALLOWLIST_OVERRIDE with a colon-separated list of modules to allowlist,” it said.

8. AI voice evasion

   A group of academics has devised a technique called VocalBridge that can be used to bypass existing security defenses and execute voice cloning attacks. “Most existing purification methods are designed to counter adversarial noise in automatic speech recognition (ASR) systems rather than speaker verification or voice cloning pipelines,” the team from the University of Texas at San Antonio said. “As a result, they fail to suppress the fine-grained acoustic cues that define speaker identity and are often ineffective against speaker verification attacks (SVA). To address these limitations, we propose Diffusion-Bridge (VocalBridge), a purification framework that learns a latent mapping from perturbed to clean speech in the EnCodec latent space. Using a time-conditioned 1D U-Net with a cosine noise schedule, the model enables efficient, transcript-free purification while preserving speaker-discriminative structure.”

9. Telecoms under scrutiny

Russia's telecommunications watchdog Roskomnadzor has called out 33 telecom operators for failing to install traffic inspection and content filtering equipment. A total of 35 cases of violations were detected on the operators' networks. "Courts have already taken place in four cases, and fines have been issued to violators. Materials on six facts have been sent to the court. The remaining operators were summoned to draw up protocols," the Roskomnadzor said. In the aftermath of Russia's invasion of Ukraine in 2022, the agency has mandated that all telecom operators must install equipment that inspects user traffic and blocks access to "undesired" sites.

11. Turla evasion tactics

A new analysis of a Turla malware known as Kazuar has revealed the various techniques the backdoor employs to evade security solutions and increase analysis time. This includes the use of the Component Object Model (COM), patchless Event Tracing for Windows (ETW), Antimalware Scan Interface (AMSI) bypass, and a control flow redirection trick to carry out the primary malicious routines during the second run of a function named "Qtupnngh," which then launches three Kazuar .NET payloads (KERNEL, WORKER, and BRIDGE) using multi-stage infection chain. "The core logic resides in the kernel, which acts as the primary orchestrator. It handles task processing, keylogging, configuration data handling, and so on," researcher Dominik Reichel said. "The worker manages operational surveillance by monitoring the infected host's environment and security posture, among its various other responsibilities. Finally, the bridge functions as the communications layer, facilitating data transfer and exfiltration from the local data directory through a series of compromised WordPress plugin paths."

12. PLC flaws exposed

Cybersecurity researchers have disclosed details of multiple critical security vulnerabilities impacting the Delta Electronics DVP-12SE11T programmable logic controller (PLC) that pose severe risks ranging from unauthorized access to operational disruption in operational technology (OT) environments. The vulnerabilities include: CVE-2025-15102 (CVSS score: 9.8), a password protection bypass, CVE-2025-15103 (CVSS score: 9.8), an authentication bypass via partial password disclosure, CVE-2025-15358 (CVSS score: 7.5): a denial-of-service, and CVE-2025-15359 (CVSS score: 9.8), an out-of-bounds memory write. The issues were addressed via firmware updates in late December 2025. "Weaknesses in PLC authentication and memory handling can significantly increase operational risk in OT environments, particularly where legacy systems or limited network segmentation are present," OPSWAT Unit 515, which discovered the flaws during a security assessment in August 2025, said.

13. Salesforce audit tool

Mandiant has released an open-source tool to help Salesforce admins audit misconfigurations that could expose sensitive data. Called AuraInspector, it has been described as a Swiss Army knife of Salesforce Experience Cloud testing. "It facilitates in discovering misconfigured Salesforce Experience Cloud applications as well as automates much of the testing process," Google said. This includes discovery of accessible records from both Guest and Authenticated contexts, the ability to get the total number of records of objects using the undocumented GraphQL Aura method, checks for self-registration capabilities, and discovery of "Home URLs", which could allow unauthorized access to sensitive administrative functionality.

14. Wi-Fi DoS exploit

A high-severity flaw (CVSS score: 8.4) in Broadcom Wi-Fi chipset software can allow an unauthenticated attacker within radio range to completely take wireless networks offline by sending a single malicious frame, regardless of the configured network security level, forcing routers to be manually rebooted before connectivity can be restored. The flaw affects 5GHz wireless networks and causes all connected clients, including guest networks, to be disconnected simultaneously. Ethernet connections and the 2.4 GHz network are not affected. "This vulnerability allows an attacker to make the access point unresponsive to all clients and terminate any ongoing client connections," Black Duck said. "If data transmission to subsequent systems is ongoing, the data may become corrupted or, at a minimum, the transmission will be interrupted." The attack bypasses WPA2 and WPA3 protections, and it can be repeated indefinitely to cause prolonged network disruptions. Broadcom has released a patch to address the reported problem. Additional details have been withheld due to the potential risk it poses to numerous systems that use the chipset.

15. Smart contract exploit

Unknown threat actors have stolen $26 million worth of Ether from the Truebit cryptocurrency platform by exploiting a vulnerability in the company's five-year-old smart contract. "The attacker exploited a mathematical vulnerability in the smart contract's pricing of the TRU token, which set its value very close to zero," Halborn said. "With access to a low-cost source of TRU tokens, the attacker was able to drain value from the contract by selling them back to the contract at full price. The attacker performed a series of high-value mint requests that netted them a large amount of TRU tokens at negligible cost."

16. Invoice lure campaign

A new wave of attacks has been found to leverage invoice-themed lures in phishing emails to deceive recipients into opening a PDF attachment that displays an error message, instructing them to download the file by clicking on a button. Some of the links redirect to a page disguised as Google Drive that mimics MP4 video files, but, in reality, drop RMM tools such as Syncro, SuperOps, NinjaOne, and ScreenConnect for persistent remote access. "As they are not malware like backdoors or Remote Access Trojans (RATs), threat actors are increasingly leveraging them," AhnLab said. "This is because these tools have been designed to evade detection by security products like firewalls and anti-malware solutions, which are limited to simply detecting and blocking known malware strains."

17. Taiwan hospitals hit

A ransomware strain dubbed CrazyHunter has compromised at least six companies in Taiwan, most of them being hospitals. A Go-based ransomware and a fork of the Prince ransomware, it employs advanced encryption and delivery methods targeted against Windows-based machines, per Trellix. It also maintains a data leak site to publicize victim information. "The initial compromise often involves exploiting weaknesses in an organization's Active Directory (AD) infrastructure, frequently by leveraging weak passwords on domain accounts," the company said. The threat actors have been found to use SharpGPOAbuse to distribute the ransomware payload through Group Policy Objects (GPOs) and propagate it across the network. A modified Zemana anti-malware driver is used to elevate their privileges and kill security processes as part of a Bring Your Own Vulnerable Driver (BYOVD) attack. CrazyHunter is assessed to be active since at least early 2025, with Taiwanese authorities describing it as a Chinese hacker group comprising two individuals, Luo and Xu, who sold the stolen data to trafficking groups in both China and Taiwan. Two Taiwanese suspects alleged to be involved in data trafficking were arrested and subsequently released on bail last August.

That’s the wrap for this week. These stories show how fast things can change and how small risks can grow big if ignored.

Keep your systems updated, watch for the quiet stuff, and don’t trust what looks normal too quickly.

Next Thursday, ThreatsDay will be back with more short takes from the week’s biggest moves in hacking and security.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.