Critical Security Incidents Reported by ISC Stormcast on April 3, 2025

On April 3, 2025, the ISC Stormcast reported several security incidents. A critical vulnerability, CVE-2025-1234, was discovered in a widely used software, affecting versions 3.2 to 4.1. This flaw allows remote code execution and has already been exploited in targeted attacks. Companies are encouraged to immediately apply the available patch. Additionally, a significant increase in phishing attacks using deepfake techniques was observed, with over 500 incidents reported in March 2025. These attacks primarily target employees in the financial and healthcare sectors. Finally, a malware campaign using the Emotet Trojan was detected, targeting unpatched Windows systems.