300k+ Plex Servers Still Vulnerable to Attack, Git RCE Exploited

Over 300,000 internet-connected Plex Media Server systems remain exposed to potential attacks due to a critical vulnerability identified as CVE-2025-34158. Despite a patch being released earlier this month, a significant number of users have yet to apply the update, leaving their media libraries and personal data at risk. Censys researchers continue to observe widespread exposure, urging administrators to prioritize applying the latest security fixes.

In a separate development, attackers are actively exploiting a remote code execution flaw in Git, tracked as CVE-2025-48384. This vulnerability affects the widely-used version control system and could allow malicious actors to execute arbitrary code on affected systems. Organizations relying on Git for development workflows are advised to verify they are running the patched version to prevent potential breaches.

The agricultural sector is also facing heightened cybersecurity challenges. In a recent interview, John Deere’s Deputy CISO highlighted the increasing sophistication of threats targeting farming infrastructure. From GPS-guided tractors to automated irrigation systems, modern farms depend on interconnected technologies that require robust protection against cyber intrusions.

Meanwhile, NetScaler ADC and Gateway devices are under active attack through a zero-day vulnerability designated CVE-2025-7775. Citrix has released emergency updates to address the issue, which affects application delivery controllers and remote access gateways. Security teams managing these devices should implement the patches immediately to mitigate exploitation risks.

Satellite cybersecurity emerged as another critical topic, with experts warning that vulnerabilities in space-based systems could have far-reaching consequences for communications, navigation, and national security. As satellite technology becomes more integrated into daily life, ensuring the resilience of these systems against cyber threats is increasingly vital.

A novel phishing campaign has been uncovered targeting industrial manufacturing firms. Attackers are using fake “Contact Us” forms and non-disclosure agreements to trick employees into revealing sensitive credentials. This approach allows threats to bypass traditional email filters and appear more legitimate to unsuspecting victims.

Artificial intelligence continues to influence both defensive and offensive cybersecurity strategies. Reports indicate that cybercriminals are leveraging AI-powered coding assistants to develop more effective malware and execute extortion campaigns. At the same time, compliance teams are exploring how AI can transform risk management and regulatory adherence into a more dynamic process.

Salesforce customers have been hit by a sophisticated attack attributed to threat group UNC6395. The attackers compromised corporate instances to steal data and obtain credentials for further network infiltration. The incident underscores the importance of robust access controls and continuous monitoring for cloud-based enterprise platforms.

On the endpoint security front, malicious actors are spoofing login alerts to target ScreenConnect administrators. These deceptive emails mimic legitimate security notifications, tricking admins into divulging credentials or installing malware. Vigilance and multi-factor authentication are recommended to counter such social engineering tactics.

The rise of AI-powered scam calls represents another evolving threat. Researchers demonstrated how large language models can generate convincing conversational scams without human involvement, potentially increasing the volume and sophistication of fraudulent communications.

In the realm of IoT and edge computing, experts are rethinking how devices communicate. Current smart systems often lack interoperability and security by design, creating frustrations for users and opportunities for attackers. Efforts are underway to develop more integrated and secure frameworks for connected devices.

Smart manufacturing initiatives are accelerating, with over half of manufacturers piloting or deploying AI-driven systems. This digital transformation demands a workforce skilled in both artificial intelligence and cybersecurity to protect operational technology from emerging threats.

New research tools like Chimera are helping organizations test their defenses against insider threats by simulating both normal and malicious employee behavior using AI agents. This approach provides a more dynamic way to evaluate security controls and response procedures.

The energy sector remains a high-value target for cyberattacks due to its critical role in infrastructure. Disruptions to power grids can have cascading effects on public safety and economic stability, making cybersecurity a top priority for utility providers.

Maritime cybersecurity is gaining attention as modern ships incorporate advanced navigation and control systems. These technologies improve efficiency but also introduce new vulnerabilities that could be exploited to endanger crews, cargo, and port facilities.

This month’s open-source tool highlights include Kopia, a cross-platform encrypted backup solution that supports various storage backends. For professionals seeking new opportunities, numerous cybersecurity roles are available across different specializations and experience levels.

Several cybersecurity firms released new products aimed at enhancing threat detection, cloud security, and identity management. Innovations from leading vendors continue to shape the defensive landscape, offering organizations more tools to protect their digital assets.

(Source: HelpNet Security)