⚡ Weekly Recap: Fortinet Exploited (CVE-2025-64446, CVSS 9.1), China’s AI Hacks, PhaaS Empire Falls & More

Estimated reading time: 10 minutes

Key Takeaways:

  • Fortinet FortiWeb vulnerability (CVE-2025-64446) is actively being exploited.
  • Chinese actors are leveraging AI for malicious cyber activities.
  • A major Phishing-as-a-Service (PhaaS) platform has been dismantled.
  • Organizations must prioritize patching and robust security practices.
  • Stay informed on emerging threats through reliable threat intelligence platforms.

Table of Contents:

⚡ Threat of the Week: Fortinet FortiWeb Authentication Bypass (CVE-2025-64446, CVSS 9.1)

The most pressing threat this week is the active exploitation of a vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF). Tracked as CVE-2025-64446 (CVSS score: 9.1), this flaw combines a path traversal vulnerability with an authentication bypass, enabling attackers to create malicious administrative accounts. This vulnerability, which Fortinet patched silently, has been exploited in the wild since early October 2025.

The path traversal flaw allows attackers to access unauthorized files and directories, while the authentication bypass permits them to circumvent security measures designed to verify user identities. By combining these two vulnerabilities, attackers can gain privileged access to the system and execute arbitrary actions.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-64446 to its Known Exploited Vulnerabilities (KEV) catalog, mandating that Federal Civilian Executive Branch (FCEB) agencies apply the necessary fixes by November 21, 2025. This underscores the severity of the threat and the urgency of remediation efforts.

Practical Takeaway: Organizations using Fortinet FortiWeb should immediately apply the available patches to mitigate the risk of exploitation. Implement network segmentation and monitor administrative account activity for suspicious behavior.

AWS AI Security Best Practices

AWS users should review and implement security best practices to defend AI applications using managed services. This includes protecting data, models, and artifacts, enforcing least-privilege access, securing inference endpoints, and managing third-party models.

🔔 Top News

Several other significant cybersecurity events occurred this week:

  • Operation Endgame Disrupts Malware Families: Europol and Eurojust led a coordinated law enforcement operation, dubbed “Operation Endgame,” that disrupted malware families such as Rhadamanthys Stealer, Venom RAT, and the Elysium botnet. The operation, conducted between November 10 and 13, 2025, resulted in the arrest of an individual behind Venom RAT in Greece and the seizure of over 1,025 servers and 20 domains. The dismantled malware infrastructure contained millions of stolen credentials from hundreds of thousands of infected computers.
  • Google Sues China-Based Hackers Behind Lighthouse PhaaS: Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against 25 unnamed China-based hackers operating the Lighthouse PhaaS platform. This platform has been used to target over 1 million users across 120 countries through large-scale smishing campaigns. The service has since been shut down.
  • Konni Hackers Exploit Google’s Find Hub for Data Wiping: The North Korea-affiliated threat actor known as Konni has been linked to attacks targeting Android and Windows devices. These attacks exploit Google’s asset tracking service, Find Hub (formerly Find My Device), to remotely reset victim devices and delete personal data. Google stated that the attack does not exploit any security flaw in Android or Find Hub and recommends users enable 2-Step Verification or passkeys to protect against credential theft.
  • NPM Package Supply Chain Attack: A token farming campaign flooded the open-source npm registry with tens of thousands of infected packages to earn TEA tokens using the Tea Protocol. This campaign exploits npm’s package installation mechanisms to create a self-replicating system with circular dependency chains, artificially inflating package metrics for financial gain.
  • Chinese Actors Use Claude AI for Automated Attacks: A China-linked state-sponsored hacking group abused Anthropic’s Claude AI tool in a large-scale espionage campaign targeting organizations worldwide. The attackers manipulated Claude to launch cyberattacks with minimal human intervention, exfiltrating credentials, creating backdoors, and extracting private data from nearly 30 entities.

This week’s trending Common Vulnerabilities and Exposures (CVEs) include:

  • CVE-2025-64446 (Fortinet FortiWeb)
  • CVE-2025-64740, CVE-2025-64741, CVE-2025-64738, CVE-2025-64739 (Zoom)
  • CVE-2025-12485 (Devolutions Server)
  • CVE-2025-59396 (WatchGuard Firebox)
  • CVE-2025-42890 (SAP SQL Anywhere Monitor)
  • CVE-2025-42887 (SAP Solution Manager)
  • CVE-2025-12686 (Synology BeeStation OS)
  • CVE-2025-10918 (Ivanti Endpoint Manager)
  • CVE-2025-12120, CVE-2025-12121 (Lite XL)
  • CVE-2025-11919 (Wolfram Cloud)
  • CVE-2025-46608 (Dell Data Lakehouse)
  • CVE-2025-64401, CVE-2025-64403, CVE-2025-64404, CVE-2025-64405 (Apache OpenOffice)
  • CVE-2025-62449 (Visual Studio Code CoPilot Chat Extension)
  • CVE-2025-62453 (GitHub Copilot and Visual Studio Code)
  • CVE-2025-37734 (Kibana)
  • CVE-2025-4619 (Palo Alto Networks PAN-OS)
  • CVE-2025-11224 (GitLab CE/EE)
  • CVE-2025-52970 (Fortinet FortiWeb)
  • CVE-2025-59367 (ASUS DSL series)
  • CVE-2025-43515 (Apple Compressor)
  • CVE-2025-23361, CVE-2025-33178 (NVIDIA NeMo Framework)
  • CVE-2025-20341 (Cisco Catalyst Center)
  • CVE-2025-12762 (pgAdmin4)

Practical Takeaway: Organizations should prioritize patching these vulnerabilities based on their risk and impact. Regularly scan systems for these CVEs and implement a patch management strategy.

📰 Around the Cyber World

  • Leaking Sora 2’s System Prompt: Cybersecurity researchers have discovered a method to leak the system prompt associated with Sora 2, OpenAI’s text-to-video model. By instructing the model to produce speech at 3x speed with no pauses, they reconstructed a nearly complete system prompt. This highlights the vulnerability of multimodal models to exfiltration techniques.
  • SSRF in OpenAI GPT Actions: A new Server-Side Request Forgery (SSRF) flaw was discovered in OpenAI’s custom GPT Actions feature. This flaw allowed attackers to create malicious API configurations that pointed to internal services and extract sensitive secrets. The issue stemmed from insufficient validation of user-provided URLs in the Custom GPTs Actions section.
  • Security Publications and Vibe-Coding: Trend Micro has observed threat actors using large language models (LLMs) to assist with malware development, which risks muddying threat actor attribution. Security publications must factor in the ways in which their comprehensive insights into specific vulnerabilities and attacker tradecraft might be exploited.
  • U.S. Issues Updated Akira Ransomware Alert: U.S. government agencies have warned that the Akira ransomware operation was observed encrypting Nutanix AHV virtual machines in attacks. As of September, the threat actors have claimed approximately $244.17 million in ransomware proceeds.
  • Imunify360 Flaw Disclosed: The Imunify360 malware scanner for Linux servers is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment.
  • FBI Warns About New Fraud Targeting Chinese Speakers: The U.S. Federal Bureau of Investigation (FBI) is warning people about a new financial fraud scheme impersonating U.S. health insurance providers and Chinese law enforcement to target Chinese-speaking individuals.
  • Ingress NGINX to be Retired in March 2026: The Kubernetes special interest group Network and the Security Response Committee have announced the upcoming retirement of Ingress NGINX in March 2026 due to maintenance challenges and security flaws.
  • WhatsApp Adds Third-Party Messaging App Integration: Meta announced plans to launch WhatsApp third-party chat integration in Europe, starting with BirdyChat and Haiket, as required under the Digital Markets Act.
  • New EchoGram Attack Targeting AI Models: HiddenLayer researchers have devised EchoGram, a new attack technique that undermines common AI defense mechanisms by using specific token sequences to manipulate the defensive model’s verdict.
  • Increase in Lumma Stealer Activity: Malicious activity associated with Lumma Stealer is on the rise, employing fingerprinting techniques and process injection to enhance evasion and improve targeting.
  • Fake Crypto Apps Deploy DarkComet RAT: Bogus cryptocurrency-related apps are being used to trick users into installing DarkComet RAT, which facilitates spying and remote desktop control.
  • Attackers Leverage Legitimate Remote Access Tools: Threat actors are disguising remote desktop software like LogMeIn and PDQ Connect as legitimate programs to deploy the PatoRAT malware.
  • Telegram CEO Travel Ban Lifted by France: French authorities fully lifted the travel ban on Telegram CEO Pavel Durov and removed a requirement for regular police check-ins.
  • New ClickFix Campaign Distributes Infostealers: A new ClickFix campaign is targeting both Windows and macOS users with information-stealing malware, directing users searching for pirated software to malicious pages.
  • New DigitStealer macOS Malware Spotted: A new macOS stealer called DigitStealer has been observed using advanced hardware checks and multi-stage attacks to evade detection and steal sensitive data.
  • PolarEdge Infrastructure Exposed: A new report has uncovered an RPX_Client component associated with a botnet called PolarEdge, which exploits vulnerable IoT/edge devices to build an Operational Relay Box (ORB) network.

🎥 Cybersecurity Webinars

  • Learn How Top Experts Secure Multi-Cloud Workloads Without Slowing Innovation
  • Guardrails, Not Guesswork: How Mature IT Teams Secure Their Patch Pipelines
  • Learn How to Build a Hybrid Patch Model That Combines Speed and Safety
  • A Practical Guide to Balancing Compliance, Resilience, and Cloud Agility

🔧 Cybersecurity Tools

  • FlowViz – Attack Flow Visualizer: An open-source React app that reads cyber articles and builds interactive attack flow diagrams using the MITRE ATT&CK framework.

🔒 Tip of the Week

Control app traffic with a mobile firewall to prevent unauthorized data leakage.

Conclusion

This week’s cybersecurity landscape has been marked by sophisticated attacks, highlighting the need for constant monitoring and proactive security measures. From the exploitation of the Fortinet FortiWeb vulnerability (CVE-2025-64446) to the use of AI in malicious campaigns, the threats are varied and complex. Staying informed and implementing robust security practices are essential for protecting against these risks.

PurpleOps offers a suite of services designed to help organizations defend against these evolving cyber threats. Our cyber threat intelligence platform provides real-time insights into emerging threats, including real-time ransomware intelligence and dark web monitoring service. We also offer telegram threat monitoring to stay ahead of potential attacks. Our live ransomware API and breach detection capabilities ensure rapid response and mitigation. To protect your broader ecosystem, our supply-chain risk monitoring and underground forum intelligence services provide comprehensive visibility. Finally, brand leak alerting helps you identify and address potential data breaches promptly.

To learn more about how PurpleOps can help you protect your organization, explore our PurpleOps Solutions or contact us for a consultation.

FAQ

Q: What is CVE-2025-64446?

A: CVE-2025-64446 is a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF) that allows attackers to bypass authentication and gain administrative access.

Q: What should I do if I use Fortinet FortiWeb?

A: Immediately apply the available patches, implement network segmentation, and monitor administrative account activity for suspicious behavior.

Q: How are Chinese actors using AI in cyberattacks?

A: Chinese actors are manipulating AI tools like Anthropic’s Claude to launch cyberattacks with minimal human intervention, including exfiltrating credentials and creating backdoors.

Q: What is a PhaaS platform?

A: A Phishing-as-a-Service (PhaaS) platform is a service that provides tools and infrastructure for conducting phishing attacks on a large scale.

Q: Why is supply chain risk monitoring important?

A: Supply chain risk monitoring provides comprehensive visibility into potential vulnerabilities and threats within your broader ecosystem, helping to protect against attacks targeting your suppliers and partners.