Cyber Threat Digest – 2025-09-29

🔥 Known Exploited Vulnerabilities (CISA KEV)

8 exploited vulns of note.

• CVE-2025-20362 — Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability — Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense (Added: 2025-09-25) — Details
• CVE-2025-20333 — Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability — Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense (Added: 2025-09-25) — Details
• CVE-2025-10585 — Google Chromium V8 Type Confusion Vulnerability — Google Chromium V8 (Added: 2025-09-23) — Details
• CVE-2025-5086 — Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability — Dassault Systèmes DELMIA Apriso (Added: 2025-09-11) — Details
• CVE-2025-38352 — Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability — Linux Kernel (Added: 2025-09-04) — Details
• CVE-2025-48543 — Android Runtime Use-After-Free Vulnerability — Android Runtime (Added: 2025-09-04) — Details
• CVE-2025-53690 — Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability — Sitecore Multiple Products (Added: 2025-09-04) — Details
• CVE-2023-50224 — TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability — TP-Link TL-WR841N (Added: 2025-09-03) — Details

---

⚠️ Recent CVEs (NVD)

Latest CVEs with CVSS badges.

• CVE-2025-11106 — A vulnerability has been found in code-projects Simple Scheduling System 1.0. This vulnerability affects unknown code of the file /schedulingsystem/addfaculty.php. Such manipulatio… MEDIUM 6.9 — Details
• CVE-2025-11107 — A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipula… MEDIUM 6.9 — Details
• CVE-2025-11108 — A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Executing manipulation of t… MEDIUM 6.9 — Details
• CVE-2025-11109 — A vulnerability was identified in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/us_edit.php?action=edit. The man… MEDIUM 6.9 — Details
• CVE-2025-11110 — A security flaw has been discovered in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/school_year.php. The manipula… MEDIUM 6.9 — Details
• CVE-2025-11111 — A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/candidates_edit.php. This manipulation… MEDIUM 6.9 — Details

---

📰 Security News

Top headlines from trusted sources.

• OpenAI is routing GPT-4o to safety models when it detects harmful activities
  — Mon, 29 Sep 2025 12:04:25 GMT
• Akira ransomware breaching MFA-protected SonicWall VPN accounts
  — Sun, 28 Sep 2025 18:49:30 GMT
• EU probes SAP over anti-competitive ERP support practices
  — Sun, 28 Sep 2025 14:23:46 GMT
• Fake Microsoft Teams installers push Oyster malware via malvertising
  — Sat, 27 Sep 2025 19:49:22 GMT
• Dutch teens arrested for trying to spy on Europol for Russia
  — Sat, 27 Sep 2025 14:17:44 GMT
• Microsoft's new AI feature will organize your photos automatically
  — Fri, 26 Sep 2025 19:41:18 GMT