Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Is your industry at risk? Everyone should be adequately prepared to resist and recover from cyber threats, but these sectors will most likely be targeted in 2025 (based on insights from Spambrella cybersecurity specialists).

Today, in the cyber environment, web applications are irreplaceable; we use them for everything from banking to social networking. On the one hand, they have given new impetus to smooth internet traffic. Still, they carry the risk of vulnerabilities of the type of Cross-Site Scripting (XSS), one of the most destructive types of vulnerabilities for cyber security.

On December 11, 2024, Cleo released patches addressing the zero-day vulnerability recently observed in attacks targeting Cleo Managed File Transfer (MFT) products. This vulnerability allowed unauthenticated threat actors to import and execute arbitrary shell commands on Windows and Linux on affected devices by exploiting default settings of the Autorun directory. The fix is included in version 5.8.0.24, and is now available for Cleo Harmony, VLTrader, and Lexicom.

The ultralytics supply chain attack occurred in two distinct phases between December 4-7, 2024. In the first phase, two malicious versions were published to PyPI: version 8.3.41 was released on December 4 at 20:51 UTC and remained available for approximately 12 hours until its removal on December 5 at 09:15 UTC. Version 8.3.42 was published shortly after on December 5 at 12:47 UTC and was available for about one hour before removal at 13:47 UTC.

On December 10, 2024, Ivanti released updates for three critical-severity vulnerabilities impacting their Cloud Services Application. By chaining the vulnerabilities together, a threat actor could obtain administrative privileges via authentication bypass (CVE-2024-11639), which could then allow for remote code execution (CVE-2024-11172) and/or SQL injection (CVE-2024-11173).