Cybersecurity Alert: Major Vulnerabilities Exposed Now

Today’s cybersecurity roundup brings a mix of critical vulnerabilities, strategic investments, and geopolitical threats that continue to shape the threat landscape. In a series of high-severity findings, researchers have identified several critical bugs across various platforms and devices, notably affecting IBM’s QRadar SIEM, TOTOLINK, and D-Link products. Let’s take a closer look.

IBM QRadar SIEM Under Spotlight

IBM has recently released an urgent security update for its QRadar SIEM platform after researchers uncovered multiple critical vulnerabilities. One such issue—catalogued as CVE-2025-33117—could allow a privileged user to modify configuration files. This, in turn, opens the door for the upload of a malicious auto-update file, potentially leading to the execution of arbitrary commands. These findings have raised alarms given the sensitivity of security event information processed by QRadar. It’s a classic reminder of how even well-trusted systems can harbour hidden perils.

Buffer Overflow Vulnerabilities in Network Devices

Networking equipment is also in the crosshairs. A critical vulnerability (CVE-2025-6302) was discovered in the TOTOLINK EX1200T router. Here, manipulation of the Comment argument in a specific CGI script can trigger a stack-based buffer overflow, enabling remote attacks. Similarly, two vulnerabilities in D-Link DIR-825, identified as CVE-2025-6292 and CVE-2025-6291, allow remote adversaries to exploit the HTTP POST Request Handler to trigger buffer overflows. Although these D-Link issues affect devices that are no longer supported by the manufacturer, they remain a serious concern for legacy systems still in use.

Geopolitical Cyber Tensions and the Crypto Heist

On the geopolitical front, insiders warn that escalating tensions in the Middle East could prompt the Iranian regime to utilise cyber proxies to target the US, possibly in tandem with terrorist initiatives. Meanwhile, the mysterious hacker group Gonjeshke Darande, linked to a sizeable crypto heist, has drawn attention after allegedly stealing and burning an astonishing $90 million from Iran’s Nobitex crypto exchange. These incidents underscore the broad spectrum of contemporary cyber threats—from state-sponsored espionage to financially motivated cybercrime.

Additional Critical Findings: SQL Injection in ERP Systems

Another alarming discovery impacts enterprise resource planning systems. A critical SQL Injection vulnerability (CVE-2025-4738) was identified in Yirmibes Software’s MY ERP platform. The flaw, caused by improper neutralisation of special elements in SQL commands, potentially allows unauthorised access to sensitive data. Given the reliance of businesses on ERP systems, the exploitation of such vulnerabilities could result in severe operational disruptions.

Among all these ever-evolving cyber threats and vulnerabilities, organisations are reminded to continuously review and update their cybersecurity defences. At Synergos Consultancy, we work closely with UKAS-accredited bodies to help businesses stay compliant with key standards like ISO certifications and GDPR, ensuring robust security practices even in turbulent times. In the fast-paced digital world, staying informed isn’t just wise—it’s essential.

Keep your systems updated, and always keep an eye on the latest cybersecurity news. Every day brings a new twist in the saga of digital security, and a little vigilance can make all the difference.