Svoboda Cybersecurity Brief November 01, 2025


Australian Clinical Labs fined AU$5.8M for massive health data breach

Australian Clinical Labs received a landmark AU$5.8M penalty for failing to protect sensitive health data of 223,000 individuals due to systemic security lapses. This marks the first civil penalty under Australia’s Privacy Act, signaling stricter enforcement.
Source: DataBreaches.net

Conti ransomware operator extradited to US, faces up to 25 years in prison

Oleksii Lytvynenko, a Ukrainian national tied to the Conti ransomware group, was extradited from Ireland to the US for charges related to global attacks extorting $150M+. Conti targeted 1,000+ victims, including critical infrastructure.
Source: The Hacker News

Chinese hackers exploit unpatched Windows LNK flaw (CVE-2025-9491) against European diplomats

UNC6384, which overlaps with Mustang Panda, sent spear-phishing emails carrying malicious .LNK shortcut files that exploit CVE-2025-9491 (reported to Microsoft by Trend Micro's ZDI as ZDI-CAN-25373 and still unpatched at publication) to deploy the PlugX RAT on diplomatic targets in Hungary, Belgium and other EU states. The flaw is a UI misrepresentation: the shortcut's command-line arguments are padded with long runs of whitespace, so the Windows Properties dialog shows an innocuous target while the malicious arguments sit out of view.
Impact: Code execution on the victim's host once the user opens the shortcut.
Mitigation: Block or quarantine .LNK attachments at the mail gateway, hunt existing shortcut files for arguments with abnormal whitespace padding, monitor for the C2 infrastructure listed in the report, and use application control (AppLocker/WDAC) to stop cmd.exe and script hosts launching payloads from user-writable paths.
Source: BleepingComputer
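The padding trick described above can be hunted for with a small parser for the shortcut format. The following is an added example, not code from this brief or from the cited reporting: it parses the ShellLinkHeader and StringData section of a .LNK according to Microsoft's MS-SHLLINK layout, builds two constructed sample shortcuts inline (one plain, one padded with an inert `echo` command), and flags what a hunter would key on. The thresholds (a 20-character whitespace run, a 260-character argument string) and the interpreter list are assumed heuristics, not values from the source.

```python
import re
import struct
from typing import Dict, List

# LinkFlags bits from the ShellLinkHeader (MS-SHLLINK 2.1.1).
HAS_LINK_TARGET_ID_LIST = 1 << 0
HAS_LINK_INFO = 1 << 1
HAS_NAME = 1 << 2
HAS_RELATIVE_PATH = 1 << 3
HAS_WORKING_DIR = 1 << 4
HAS_ARGUMENTS = 1 << 5
HAS_ICON_LOCATION = 1 << 6
IS_UNICODE = 1 << 7

HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
SW_SHOWMINNOACTIVE = 7  # ShowCommand that opens the target minimized; used to hide console windows

# StringData entries appear in this fixed order, each only if its flag is set.
STRING_FIELDS = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)

# Heuristic thresholds: assumptions for this example, not values from the source.
MIN_PADDING_RUN = 20     # no legitimate shortcut needs a whitespace run this long in its arguments
MAX_VISIBLE_ARGS = 260   # beyond roughly this length the Properties dialog no longer shows the tail
WHITESPACE_RUN = re.compile(r"[ \t\r\n\x0b\x0c]{%d,}" % MIN_PADDING_RUN)
INTERPRETERS = {"cmd.exe", "powershell.exe", "pwsh.exe", "mshta.exe", "wscript.exe",
                "cscript.exe", "rundll32.exe", "regsvr32.exe"}


def parse_lnk(data: bytes) -> Dict:
    """Parse the header and StringData of a .LNK; IDList and LinkInfo are skipped by their sizes."""
    if len(data) < HEADER_SIZE:
        raise ValueError("too short for a ShellLinkHeader")
    header_size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if header_size != HEADER_SIZE or clsid != LNK_CLSID:
        raise ValueError("not a shell link (bad HeaderSize or LinkCLSID)")
    show_command = struct.unpack_from("<I", data, 60)[0]   # ShowCommand sits at header offset 60
    pos = HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:
        pos += 2 + struct.unpack_from("<H", data, pos)[0]  # IDListSize + IDList (target not decoded here)
    if flags & HAS_LINK_INFO:
        pos += struct.unpack_from("<I", data, pos)[0]      # LinkInfoSize covers the whole structure
    strings: Dict[str, str] = {}
    for flag, name in STRING_FIELDS:
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", data, pos)[0]     # CountCharacters, not bytes
        pos += 2
        if flags & IS_UNICODE:
            strings[name] = data[pos:pos + 2 * count].decode("utf-16-le")
            pos += 2 * count
        else:
            strings[name] = data[pos:pos + count].decode("cp1252", errors="replace")
            pos += count
    return {"flags": flags, "show_command": show_command, "strings": strings}


def assess_lnk(data: bytes) -> List[str]:
    """Return hunting findings for a .LNK; an empty list means nothing stood out."""
    lnk = parse_lnk(data)
    args = lnk["strings"].get("arguments", "")
    findings: List[str] = []
    m = WHITESPACE_RUN.search(args)
    if m:
        findings.append(f"arguments padded with a {len(m.group(0))}-char whitespace run; "
                        f"content after padding: {args.strip()[:60]!r}")
    if len(args) > MAX_VISIBLE_ARGS:
        findings.append(f"arguments are {len(args)} chars, longer than the Properties dialog displays")
    # RELATIVE_PATH is used as a proxy for the target; a full tool would also decode the IDList.
    target = lnk["strings"].get("relative_path", "")
    if target.replace("/", "\\").rsplit("\\", 1)[-1].lower() in INTERPRETERS:
        findings.append(f"target is a command/script interpreter: {target}")
    if lnk["show_command"] == SW_SHOWMINNOACTIVE:
        findings.append("ShowCommand=SW_SHOWMINNOACTIVE (window opens minimized)")
    return findings


def build_lnk(relative_path: str, arguments: str, show_command: int = 1) -> bytes:
    """Build a minimal Unicode .LNK (header + StringData + terminal block) as a test fixture."""
    flags = HAS_RELATIVE_PATH | HAS_ARGUMENTS | IS_UNICODE
    header = struct.pack("<I16sIIQQQIIIHHII", HEADER_SIZE, LNK_CLSID, flags,
                         0x20,          # FileAttributes: FILE_ATTRIBUTE_ARCHIVE
                         0, 0, 0,       # Creation/Access/Write FILETIMEs
                         0, 0,          # FileSize, IconIndex
                         show_command,
                         0, 0, 0, 0)    # HotKey, Reserved1..3

    def string_data(text: str) -> bytes:
        return struct.pack("<H", len(text)) + text.encode("utf-16-le")

    return header + string_data(relative_path) + string_data(arguments) + b"\x00\x00\x00\x00"


# Constructed samples (not real-world files): a plain shortcut and one using the padding trick.
BENIGN_LNK = build_lnk(r"..\..\Windows\System32\notepad.exe", r"C:\Users\Public\readme.txt")
PADDED_LNK = build_lnk(r"..\..\Windows\System32\cmd.exe",
                       " " * 300 + r"/c echo padded > %TEMP%\lnk_demo.txt",
                       show_command=SW_SHOWMINNOACTIVE)

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_LNK), ("padded", PADDED_LNK)):
        print(label, parse_lnk(blob)["strings"]["relative_path"])
        for finding in assess_lnk(blob) or ["no findings"]:
            print("  -", finding)
```

To sweep a share or a mailbox export, feed each `.lnk` file's bytes to `assess_lnk`; anything with a padding finding deserves a look at the full argument string, since that is exactly what the Properties dialog would have hidden from the user.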

VMware zero-day (CVE-2025-41244) exploited by Chinese hackers for root access

UNC5174 has exploited CVE-2025-41244, a local privilege escalation in the service-discovery feature of VMware Tools and VMware Aria Operations, since at least October 2024 to gain root on compromised VMs. The discovery logic matches running processes by binary name and runs the matched binary with elevated privileges, so an unprivileged user who drops a binary with a service-like name in a writable path (such as /tmp) gets it executed as root. Exploitation is trivial; Broadcom patched the flaw in September 2025.
Impact: Local privilege escalation to SYSTEM/root on guests running an affected VMware Tools build.
Mitigation: Apply Broadcom's patch to VMware Tools and Aria Operations (open-vm-tools users need their distribution's update); until then, limit who can run binaries on guests and audit world-writable paths for unexpected executables named after common services.
Source: The Hacker News

Australian government warns of BadCandy webshell attacks on unpatched Cisco devices

Over 400 Cisco IOS XE devices in Australia were compromised via CVE-2023-20198, a critical web UI authentication bypass that Cisco patched in October 2023. The Australian Signals Directorate says more than 150 of those devices still carry the BadCandy Lua webshell, and state-linked actors are suspected.
Impact: Unauthenticated creation of a privilege-15 account through the web UI, followed by implant installation: full device takeover.
Mitigation: Patch immediately; disable the HTTP server ("no ip http server" and "no ip http secure-server") or restrict it with an access list if the web UI is required; review the running configuration for unexpected privilege-15 accounts, since a reboot clears the implant but not the attacker's accounts, and unpatched devices have been re-implanted.
Source: BleepingComputer

UK Legal Aid Agency confirms ShinyHunters breach exposing 15 years of applicant data

The UK’s Legal Aid Agency confirmed a ShinyHunters breach first detected in April 2025, exposing 15 years of applicant data. The hackers published the stolen data in defiance of a court injunction.
Source: DataBreaches.net

University of Pennsylvania hit by email breach mocking security practices

Attackers compromised Penn’s Salesforce Marketing Cloud to send offensive emails claiming a data breach. The university warned recipients to ignore the messages while investigating.
Source: BleepingComputer

Meduza Stealer creators arrested in Russia after targeting local org

Russian authorities detained three people behind Meduza Stealer for hacking an institution in Astrakhan. The malware, sold on a malware-as-a-service subscription, steals browser session cookies, saved credentials and cryptocurrency wallet data.
Source: BleepingComputer

Japan releases OT security guide for semiconductor factories

New 130-page guidance aligns with NIST CSF 2.0, addressing risks like supply chain attacks and unauthorized physical access in chip manufacturing.
Source: SecurityWeek
