Cyber Attacks Surge: Are You Safe Online?!


Welcome to today’s cybersecurity roundup – a daily dive into the latest vulnerabilities and incidents making waves across the digital landscape. Whether you’re managing a WordPress site or overseeing critical infrastructure, the news today serves as a timely reminder to stay on top of patches and good security hygiene. And if you ever need guidance on compliance or best practices, Synergos Consultancy is here to help businesses across Yorkshire and the wider UK navigate these choppy cyber waters.

WordPress Plugin and Theme Vulnerabilities

WordPress sites remain a prime target for attackers, and today’s news highlights several critical flaws in popular plugins and themes:

Critical File Moving and Privilege Escalation Issues

The WooCommerce Drag and Drop Multiple File Upload plugin (CVE-2025-2941) does not validate file paths properly. An unauthenticated attacker can move arbitrary files on the server, and moving the right file, such as wp-config.php, can lead to remote code execution. The Email Notifications for Updates plugin (CVE-2025-2933) is missing a capability check, so a low-privileged authenticated user can change the site's registration settings; in the worst case the default role for new registrations is switched to administrator, handing the attacker an administrator account.
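The root cause of the first flaw, a path accepted from the request and moved without confining it to the upload directory, is a generic pattern worth seeing in code. The example below is added here and is not the plugin's code (the plugin is PHP; this is Python for illustration). It puts the vulnerable prefix-style check beside a hardened version that resolves the path first and requires it to stay under the upload directory, then wraps a move operation in that check. The directory layout and file contents are constructed for the demo.

```python
import os
import tempfile
from typing import Optional


def naive_allows(upload_dir: str, user_path: str) -> bool:
    """Vulnerable pattern: a string-prefix check with no normalisation.

    "uploads/../wp-config.php" still starts with "uploads", so "../"
    segments (and prefix siblings such as "uploads_evil") slip through.
    """
    return os.path.join(upload_dir, user_path).startswith(upload_dir)


def confined_path(upload_dir: str, user_path: str) -> Optional[str]:
    """Hardened check: resolve symlinks and ".." first, then require the
    real target to sit strictly below the real upload directory.
    Returns the resolved absolute path, or None if it escapes."""
    base = os.path.realpath(upload_dir)
    # join() discards base if user_path is absolute; realpath + commonpath
    # below catches that case as well as traversal.
    target = os.path.realpath(os.path.join(base, user_path))
    try:
        if target == base or os.path.commonpath([base, target]) != base:
            return None
    except ValueError:  # paths on different drives (Windows)
        return None
    return target


def safe_move(upload_dir: str, src_rel: str, dst_rel: str) -> str:
    """Move a file only if both source and destination stay inside upload_dir."""
    src = confined_path(upload_dir, src_rel)
    dst = confined_path(upload_dir, dst_rel)
    if src is None or dst is None:
        raise PermissionError("path escapes the upload directory")
    os.makedirs(os.path.dirname(dst), exist_ok=True)
    os.replace(src, dst)
    return dst


def demo() -> dict:
    """Constructed scenario: an upload tree next to a stand-in wp-config.php.
    Shows the naive check passing a traversal that the hardened check rejects."""
    root = tempfile.mkdtemp()
    uploads = os.path.join(root, "uploads")
    os.makedirs(os.path.join(uploads, "2025", "04"))
    with open(os.path.join(uploads, "2025", "04", "photo.jpg"), "wb") as f:
        f.write(b"\xff\xd8 constructed upload, not a real JPEG")
    with open(os.path.join(root, "wp-config.php"), "w") as f:
        f.write("<?php // constructed stand-in for the real config\n")

    attack = "../wp-config.php"  # relative to uploads/, points one level up
    results = {
        "naive_allows_traversal": naive_allows(uploads, attack),
        "hardened_allows_traversal": confined_path(uploads, attack) is not None,
    }
    try:
        safe_move(uploads, attack, "2025/04/wp-config.php")
        results["move_blocked"] = False
    except PermissionError:
        results["move_blocked"] = True
    moved = safe_move(uploads, "2025/04/photo.jpg", "2025/05/photo.jpg")
    results["legit_move_ok"] = os.path.isfile(moved) and not os.path.exists(
        os.path.join(uploads, "2025", "04", "photo.jpg")
    )
    results["config_untouched"] = os.path.isfile(os.path.join(root, "wp-config.php"))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The hardened check deliberately rejects the upload directory itself as a target and resolves symlinks before comparing, because a symlink planted inside the upload tree would otherwise defeat a purely lexical check.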

Data Modification and Inclusion Exploits

Other WordPress flaws include a missing authorisation check in the ZoomSounds WordPress Wave Audio Player with Playlist (CVE-2024-13776), which allows unauthorised data modification that can result in denial of service, and PHP remote file inclusion bugs in JoomSky JS Job Manager (CVE-2025-32146), Stylemix MasterStudy LMS (CVE-2025-32141) and Stylemix Motors (CVE-2025-32142), each of which lets an attacker influence which file is pulled into an include or require statement. SQL injection flaws in winkm89 teachPress (CVE-2025-32149) and Daisycon prijsvergelijkers (CVE-2025-32148) let attackers alter the queries those plugins send to the database.

Missing authorisation is a recurring theme: the Woffice CRM theme (CVE-2025-2798) and the Coothemes Easy WP Optimizer plugin (CVE-2025-32147) both lack access-control checks on actions that should be restricted.

Non-WordPress Vulnerabilities and Broader Cyber Incidents

Remote Code Execution and Buffer Overflows

Beyond WordPress, the severe vulnerabilities continue. An OS command injection in the ZendTo file-sharing tool (CVE-2021-47667) lets an unauthenticated remote attacker run arbitrary commands and carries the maximum severity score of 10. Tenda RX3 network devices have a critical buffer overflow (CVE-2025-3259) that can be triggered remotely.

Privilege Escalation and Deserialization Risks

In the database and library space, the aiven-extras PostgreSQL extension (CVE-2025-31480) lets an attacker escalate to superuser privileges until it is updated. A remote code execution vulnerability caused by insecure deserialization has also been disclosed in the BentoML Python library (CVE-2025-27520); users should upgrade to version 1.4.3, which fixes it.

SQL Injection and Fast-Flux DNS Tactics

There is also a SQL injection vulnerability in the Shiptrack Booking Calendar (CVE-2025-31403). On a broader scale, cyber agencies are warning about fast flux DNS, a technique in which attackers rapidly rotate the IP addresses behind a malicious domain (and, in the double-flux variant, the name servers that answer for it) so that blocking any single address achieves little, and are urging organisations to share indicators and coordinate their defences.
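Because fast flux shows up as a domain answering with many different addresses on short TTLs, it can be surfaced from DNS logs you already collect. The example below is added here and is not from the advisory or any vendor: it parses a constructed passive-DNS sample, summarises each domain's distinct answer addresses, /24 networks and TTLs, and flags domains that cross illustrative thresholds. The log format, domain names, addresses (all from documentation ranges) and the thresholds are assumptions for the demo; real detections would tune them against baseline traffic and add ASN and name-server churn.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import median

# Constructed sample of passive-DNS observations (not real data):
# "<timestamp> <queried domain> <answer IP> <TTL seconds>"
SAMPLE_LOG = """\
2025-04-07T10:00:01Z updates.example.net 198.51.100.7 3600
2025-04-07T11:00:02Z updates.example.net 198.51.100.7 3600
2025-04-07T12:00:03Z updates.example.net 198.51.100.8 3600
2025-04-07T10:00:05Z cdn-login.invalid 203.0.113.5 60
2025-04-07T10:01:06Z cdn-login.invalid 198.51.100.44 60
2025-04-07T10:02:07Z cdn-login.invalid 192.0.2.19 120
2025-04-07T10:03:08Z cdn-login.invalid 203.0.113.77 60
2025-04-07T10:04:09Z cdn-login.invalid 192.0.2.200 60
2025-04-07T10:05:10Z cdn-login.invalid 198.51.100.9 90
2025-04-07T10:06:11Z cdn-login.invalid 203.0.113.130 60
"""

# Illustrative thresholds (assumed, not from the advisory): a domain is
# suspicious when it spreads across many addresses in several networks
# and keeps TTLs short enough to rotate quickly.
MIN_DISTINCT_IPS = 5
MIN_DISTINCT_NETS = 3
MAX_MEDIAN_TTL = 300


def parse(log_text: str) -> list:
    """Parse the whitespace-separated sample into (ts, domain, ip, ttl) tuples."""
    records = []
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, domain, ip, ttl = line.split()
        records.append((ts, domain.lower().rstrip("."), ip_address(ip), int(ttl)))
    return records


def summarise(records: list) -> dict:
    """Per domain: distinct answer IPs, distinct /24 networks and all observed TTLs."""
    by_domain = defaultdict(lambda: {"ips": set(), "nets": set(), "ttls": []})
    for _, domain, ip, ttl in records:
        d = by_domain[domain]
        d["ips"].add(ip)
        # /24 is a crude stand-in for hosting diversity; ASN lookup would be better.
        d["nets"].add(ip_network(f"{ip}/24", strict=False))
        d["ttls"].append(ttl)
    return dict(by_domain)


def flag_fast_flux(records: list) -> dict:
    """Return {domain: True/False} using the thresholds above."""
    verdicts = {}
    for domain, d in summarise(records).items():
        verdicts[domain] = (
            len(d["ips"]) >= MIN_DISTINCT_IPS
            and len(d["nets"]) >= MIN_DISTINCT_NETS
            and median(d["ttls"]) <= MAX_MEDIAN_TTL
        )
    return verdicts


def report(log_text: str) -> list:
    """Human-readable lines, one per domain, for the sample or a real export."""
    records = parse(log_text)
    verdicts = flag_fast_flux(records)
    lines = []
    for domain, d in summarise(records).items():
        lines.append(
            f"{domain}: {len(d['ips'])} IPs, {len(d['nets'])} /24s, "
            f"median TTL {median(d['ttls'])}s -> "
            f"{'FAST FLUX?' if verdicts[domain] else 'ok'}"
        )
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

A legitimate CDN can also answer with many addresses, so this heuristic is a triage signal rather than a verdict: the usual next step is to check whether the addresses belong to unrelated residential or small-hosting networks and whether the domain's name servers are themselves rotating.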

Other Notable Cyber Incidents and Emerging Threats

The threat extends beyond vulnerabilities in software. Recent reports point to a significant rise in cyber attacks across various sectors:

  • More than a third of UK schools have reportedly been hit by a serious cyber attack in the past year, raising concerns about how well educational infrastructure is protected.
  • Large Australian superannuation funds experienced a wave of credential stuffing attacks over the weekend, in which stolen username and password pairs from other breaches were replayed against member logins, compromising thousands of accounts.
  • Meanwhile, an FBI raid on the home of a former leader of a self-described "gay furry hacker" group underscores the unpredictable nature of today's cybercrime landscape.
  • New phishing campaigns are using QR codes, dubbed "quishing": the malicious link is embedded in an image rather than as text, so email filters that inspect links can miss it, and the victim usually opens it on a personal phone with fewer protections.

Not to be overlooked, Ivanti Connect Secure is under active attack through a remote code execution vulnerability. Organisations running it should patch immediately.

In an era where vulnerabilities are as diverse as they are critical, staying informed and patching promptly is essential. Whether you are a developer, IT administrator or business leader, understanding these threats is the first step towards preventing an incident.

Keeping your cybersecurity measures current isn’t just about patching software—it’s about safeguarding your entire digital ecosystem. And with trusted experts like those at Synergos Consultancy on hand to provide tailored support for ISO Certifications and other compliance frameworks, you can navigate these challenges with confidence. Stay safe and stay vigilant!


Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.