
New Video from @hak5 Highlights Critical Cybersecurity Vulnerabilities and Acquisitions
In this new video from the @hak5 channel, Alli Diamond introduces Threatwire, a show that explores the latest vulnerabilities and major acquisitions in the field of cybersecurity. Several crucial topics are discussed, including a critical vulnerability in the JavaScript framework Next.js, Google's acquisition of Wiz, and security flaws in the Ingress NGINX controller for Kubernetes.

The first part of the video focuses on a major vulnerability in Next.js, a popular JavaScript framework. This flaw, tracked as CVE-2025-29927, has a CVSS score of 9.1, indicating high severity. Researchers zhero and inzo discovered that the vulnerability allowed authorization bypass by including certain headers in requests. Using tools like Burp Suite, attackers could easily exploit this flaw. More than 400,000 instances of Next.js are potentially vulnerable, and an update has been released to fix the issue. Note that Next.js deployments on Vercel are already protected against this vulnerability.

Another topic covered is Google's acquisition of Wiz for $32 billion in cash. Wiz is a cloud security company that had previously refused a $23 billion offer from Google in 2024. The acquisition is significant because the price represents a substantial portion of Google Cloud's annual revenue. Google has a history of acquiring security companies, such as Mandiant in 2022, and Wiz will likely be integrated into Google's cloud security offerings.

The video then moves on to a series of critical vulnerabilities in the Ingress NGINX controller for Kubernetes, dubbed #ingressnightmare. These flaws, tracked as CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974, allow unauthenticated remote code execution. Researchers at Wiz found that these vulnerabilities affect approximately 43% of cloud environments. Patches for these flaws were in development at the time of the video's publication.

Finally, the video discusses a major compromise of the GitHub Action tj-actions/changed-files, used in over 23,000 repositories. The action was compromised for two days, during which it published CI/CD secrets in build logs. Attackers used a personal access token to push a malicious commit and then updated the existing version tags to point to that commit. If you use this GitHub Action, rotating your secrets is recommended.

This video provides valuable insights into the latest threats and developments in the field of cybersecurity. It underscores the importance of staying vigilant and regularly updating systems to protect against vulnerabilities. For more details, watch the full video on YouTube.
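Because the tj-actions/changed-files compromise worked by moving existing version tags to a malicious commit, workflows that reference an action by tag were exposed, while workflows pinned to a full commit SHA were not. The script below is an added example (not from the video or from Hak5) that audits a workflow file for action references that are not pinned to a 40-character commit SHA; the workflow text and the SHA in it are constructed placeholders.

```python
import re

# Matches `uses: owner/repo[/subpath]@ref` in a GitHub Actions workflow.
# Local actions (./path) and docker:// images carry no @ref and are skipped.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?"
    r"([A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+(?:/[^@\s'\"]+)?)@([^\s'\"#]+)",
    re.MULTILINE,
)
# A full git commit SHA: exactly 40 lowercase hex characters.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample workflow; the setup-node SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Changed files
        uses: tj-actions/changed-files@v45
      - uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
      - uses: ./.github/actions/local
      - run: npm test
"""


def audit_workflow(text):
    """Return (action, ref, status) for every third-party action reference.

    status is 'pinned' when ref is a full commit SHA (immutable) and
    'mutable' when it is a tag or branch name that the upstream owner,
    or anyone holding their credentials, can repoint at a different commit.
    """
    findings = []
    for match in USES_RE.finditer(text):
        action, ref = match.group(1), match.group(2)
        status = "pinned" if FULL_SHA_RE.match(ref) else "mutable"
        findings.append((action, ref, status))
    return findings


def mutable_refs(text):
    """Only the references that would follow a moved tag."""
    return [(a, r) for a, r, s in audit_workflow(text) if s == "mutable"]


if __name__ == "__main__":
    for action, ref, status in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{status:8} {action}@{ref}")
```

Pinning the flagged references to the SHA of a reviewed release, and rotating any secret a mutable-tag run could have exposed, are the two remediation steps this check supports.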