Week in Review: Over 300,000 Plex Media Server instances remain at risk of attack, while a Git RCE vulnerability has been leveraged to enhance SEO.

Last week's most significant security news: Censys highlighted that over 300,000 internet-facing Plex Media Server instances remain vulnerable to attack via CVE-2025-34158, a critical vulnerability that Plex addressed earlier in the month. Additionally, attackers have been exploiting CVE-2025-48384, a recently patched remote code execution vulnerability in the widely used distributed revision control system Git.

In an insightful interview with Help Net Security, Carl Kubalsky, Director and Deputy CISO at John Deere, discussed the pressing security challenges faced in agriculture. He elaborated on how his team collaborates with partners and ethical hackers to stay ahead of adversaries, outlining priorities for the next 12 to 18 months. Meanwhile, three new vulnerabilities affecting Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices were made public, with CVE-2025-7775 being actively targeted in zero-day attacks. Brett Loubert, leader of Deloitte’s U.S. Space practice, also emphasised the importance of satellite cybersecurity, detailing the risks and vulnerable points within satellite systems.

A recent phishing campaign targeting industrial manufacturing firms was uncovered, employing “Contact Us” forms and fake NDAs to bypass security measures. Check Point researchers warned that this campaign could significantly impact critical supply chains. In another interview, Matt Hillary, CISO at Drata, discussed how AI is transforming governance, risk, and compliance, making it a continuous and adaptive process. Furthermore, a report from AI startup Anthropic revealed that cybercriminals have begun using AI coding assistants to breach and extort 17 distinct organisations. Andrew Hillier, CTO at Densify, explored the intersection of security, DevOps, and data science in AI strategy, advocating for a focus on “yield” for sustainable AI operations. Lastly, a threat group identified as UNC6395 has successfully targeted hundreds of Salesforce customer organisations, stealing vast amounts of data in search of credentials. 

Categories: Cybersecurity Vulnerabilities, Phishing Attacks, AI in Security 

Tags: Plex Media Server, Vulnerability, CVE-2025-34158, Git, RCE, Cybersecurity, Phishing, AI, Compliance, Salesforce 
