New Hak5 Video Highlights Recent Cybersecurity Threats and Incidents
In this video, Ally Diamond introduces Threatwire, a show that explores recent vulnerabilities and cybersecurity incidents. Several key topics are discussed, including a security flaw exploited by Paragon's Graphite spyware, a new vulnerability in Microsoft 365, and a major global outage of Google services. Firstly, Apple quietly announced a patch for a vulnerability, identified as CVE-2025-43200, which was exploited by the spyware provider Paragon. This flaw, initially published and patched in February 2025, was used in a highly sophisticated attack against targeted individuals. Citizen Labs provided a detailed report on this attack, highlighting that journalists were among the victims. Paragon's spyware was deployed via malicious photos or videos shared through iCloud links, exploiting a logical flaw in the processing of these files. Apple notified infected users, underscoring the severity of this threat. Next, a new vulnerability in Microsoft 365, identified as CVE-2025-32711, was discovered. This flaw affects Microsoft 365's AI Copilot and requires no user interaction to be exploited. The attack occurs through the sending of a malicious email, which is then processed by the AI Copilot. By using well-crafted images and SharePoint endpoints, information can be transmitted from the AI to the attacker. Microsoft has already patched this vulnerability, but it raises questions about the security of new AI-based features. Another major topic discussed is the global outage of Google services that occurred on June 12, 2025. Unlike a DNS misconfiguration, this outage was caused by misconfigured feature flags and exception handling. A new service control published in May 2025 bypassed certain policy checks but lacked adequate error handling. On June 12, a policy change with empty values triggered a global crash loop, affecting nearly all Google services. Google's reliability team identified and fixed the issue within 40 minutes, but full recovery took longer due to service-specific recovery delays. These incidents highlight the importance of security and error management in complex systems. Users and businesses must be vigilant and quickly apply security patches to protect against emerging threats. Developers must also ensure that new features are thoroughly tested and secured before deployment. To learn more, watch the full video: https://www.youtube.com/watch?v=3zEjV8ahjjA