Meta has disclosed a serious flaw in WhatsApp — CVE-2025-55177 — which “may have been exploited in a sophisticated attack against specific targeted users.”
The vulnerability stems from incomplete authorization of linked device synchronization messages, potentially allowing an unrelated user to process content from an arbitrary URL on a victim’s device.
Meta also linked the issue to Apple’s recently patched zero-click CVE-2025-43300, warning that both flaws may have been leveraged in spyware-style attacks.
Amnesty International’s security lab suggested the exploit was likely used by commercial surveillanceware vendors, often deployed against journalists, human rights activists, and political dissidents.
Microsoft mandates MFA for Azure
Starting October 1, Microsoft will require multi-factor authentication (MFA) for nearly all Azure operations, except read-only access.
Applies to Azure CLI, PowerShell, REST API, and IaC tools.
Extensions possible until July 1, 2026 for complex environments.
Service accounts in Microsoft Entra ID should migrate to workload identities for security.
Redmond stressed that MFA is now a baseline security expectation for cloud users.
Nissan confirms ransomware hit
Japanese automaker Nissan revealed its design subsidiary, Creative Box Inc., was breached by the Qilin ransomware gang.
Some design data was leaked, though full impact remains under investigation.
Qilin is notorious for aggressive extortion tactics and has previously been linked to deaths during ransomware-related disruptions.
Baltimore loses $1.5M in Workday fraud
The City of Baltimore admitted fraudsters diverted $1.5 million in public funds by compromising a vendor’s Workday account and altering banking details.
Nearly half of the funds were recovered.
Insurers refused to cover the remaining loss, citing lax controls.
The case underscores the risks of procurement fraud and weak financial system safeguards.
Critical FreePBX flaw under active exploitation
The open-source FreePBX project has confirmed exploitation of a CVSS 10 vulnerability that enables remote code execution and database manipulation.
Emergency patch released for versions 15, 16, and 17.
Older, end-of-life versions remain unpatched.
US CISA urges immediate upgrades and monitoring for rogue “ampuser” accounts.
Other cybersecurity headlines
AWS detects Russia’s Cozy Bear attempting to steal Microsoft credentials.
Pentagon ends Microsoft’s use of China-based support staff for DoD cloud.
UK government criticized for weak security reforms after Afghan data leak.
Researcher who hacked McDonald’s free-food app now targets Chinese restaurant robots.
