{"id":4426,"date":"2025-03-10T07:00:00","date_gmt":"2025-03-10T07:00:00","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4426"},"modified":"2025-03-07T11:51:56","modified_gmt":"2025-03-07T11:51:56","slug":"weekly-security-news-10th-march-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/","title":{"rendered":"Weekly Security News – 10th March 2025"},"content":{"rendered":"<\/span> 4<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

IoT devices infected, malware on Android devices, vulnerabilities for HiveOS and WordPress...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks.\u00a0<\/p>

The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of user-supplied data in the plugin\u2019s donation form processing logic.\u00a0<\/p>

Exploiting this flaw allows attackers to inject malicious PHP objects via deserialization of untrusted input, leveraging a POP (Property-Oriented Programming) chain to achieve full server compromise.<\/p>

The vulnerability resides in the plugin\u2019s handling of the card_address parameter within donation forms.\u00a0<\/p>

Versions up to and including 3.19.4 fail to validate or sanitize serialized data passed through this field, enabling PHP Object Injection (CWE-502).\u00a0<\/p>

During donation processing, the give_process_donation_form() function deserializes user input without proper checks, allowing attackers to craft payloads that instantiate arbitrary PHP objects.<\/p>

A critical factor enabling RCE is the presence of exploitable POP chains in the plugin\u2019s codebase. These chains allow attackers to string together gadget methods such as destructors or wakeup functions to escalate object injection into system command execution, reads Wordfence\u00a0report.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Security researchers have uncovered three critical vulnerabilities in Extreme Networks\u2019 IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and\u00a0execute arbitrary commands\u00a0on affected systems.\u00a0<\/p>

The flaws\u2014tracked as CVE-2025-27229, CVE-2025-27228, and CVE-2025-27227\u2014were disclosed through coordinated efforts led by Lukas Schauer of Bonn-Rhein-Sieg University of Applied Sciences, prompting Extreme Networks to release patched firmware (version 10.7r5).<\/p>

The most severe vulnerability, CVE-2025-27229, stems from improper sanitization of SSH tunnel configurations in HiveOS versions prior to 10.7r5.\u00a0<\/p>

Attackers with authenticated user access could manipulate\u00a0SSH parameters\u00a0to inject malicious arguments into the sshd service, bypassing privilege controls to gain root shell access.\u00a0<\/p>

This exploit leverages the lack of input validation in the tunnel.c module, where environment variables like PermitRootLogin and AllowTcpForwarding are dynamically configured without sandboxing.<\/p>

Parallel to this, CVE-2025-27228 exposes a cryptographic weakness in HiveOS\u2019 command-line interface (CLI).\u00a0<\/p>

The user-config utility stores passwords using a deterministic encryption algorithm with a static initialization vector (IV), allowing authenticated users to decrypt credentials via CLI commands.<\/p>

Researchers demonstrated that hashes encrypted with AES-256-CBC could be reversed in under 90 seconds using GPU-accelerated brute-force attacks.<\/p>

These vulnerabilities create a trifecta of risks for enterprises using unpatched HiveOS deployments. An attacker with low-privilege credentials could:<\/p>

  • Extract administrative passwords via CVE-2025-27228<\/li>
  • Escalate to root using CVE-2025-27229<\/li>
  • Deploy persistent backdoors via CVE-2025-27227<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    BadBox malware disrupted on 500K infected Android devices<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sink holing communications for half a million infected devices.<\/p>

    The BadBox botnet is a cyber-fraud operation targeting primarily low-cost Android-based devices like TV streaming boxes, tablets, smart TVs, and smartphones.<\/p>

    These devices either come pre-loaded with the BadBox malware from the manufacturer or are infected by malicious apps or firmware downloads.<\/p>

    The malware then turns the devices into residential proxies, generates fake ad impressions on the infected devices, redirects users to low-quality domains as part of fraudulent traffic distribution operations, and uses people’s IPs to create fake accounts and perform credential stuffing attacks.<\/p>

    Last December, German authorities\u00a0disrupted the malware\u00a0for infected devices in the country. However, a few days later, BitSight reported that the malware had been found in at least\u00a0192,000 devices, showing resilience against law enforcement action.<\/p>

    Since then, it is estimated that the botnet has grown to over 1,000,000 infections, impacting Android devices in 222 countries, with most located in Brazil (37.6%), the United States (18.2%), Mexico (6.3%), and Argentina (5.3%).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    New Eleven11bot botnet infects 86,000 devices for DDoS attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    A new botnet malware named ‘Eleven11bot’ has infected over 86,000 IoT devices, primarily security cameras and network video recorders (NVRs), to conduct DDoS attacks.<\/p>

    The botnet, which is loosely linked to Iran, has already launched distributed denial of service (DDoS) attacks targeting telecommunication service providers and online gaming servers.<\/p>

    Eleven11bot was discovered by Nokia researchers who shared the details with the threat monitoring platform GreyNoise.<\/p>

    The video player is currently playing an ad. You can skip the ad in 5 sec with a mouse or keyboard<\/p>

    Nokia’s security researcher, J\u00e9r\u00f4me Meyer, commented that Eleven11bot is one of the largest DDoS botnets they have observed in recent years.<\/p>

    “Primarily composed of compromised webcams and Network Video Recorders (NVRs), this botnet has rapidly grown to exceed 30,000 devices,”\u00a0stated Meyer on LinkedIn.<\/p>

    “Its size is exceptional among non-state actor botnets, making it one of the largest known DDoS botnet campaigns observed since the invasion of Ukraine in February 2022.”<\/p>

    Earlier today, threat monitoring platform The Shadowserver Foundation\u00a0reported\u00a0seeing 86,400 devices infected by the Eleven11bot botnet, with most in the United States,\u00a0the United Kingdom, Mexico, Canada, and Australia.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    BigAnt Server 0-day Vulnerability Let Attackers Execute Malicious Code Via File Uploads<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    A critical\u00a0zero-day vulnerability\u00a0in BigAntSoft\u2019s BigAnt Server (CVE-2025-0364) allows unauthenticated attackers to execute arbitrary code on affected systems through a chain of SaaS registration abuses and PHP file uploads.\u00a0<\/p>

    The flaw, discovered by VulnCheck researchers during an analysis of a misrated CVSS score for CVE-2024-54761, impacts all versions \u22645.6.06 of the Windows-based enterprise chat platform.<\/p>

    The exploit chain begins with a default-enabled SaaS registration portal at \/index.php\/Home\/Saas\/reg_email.html, which permits organizational account creation after solving a basic CAPTCHA challenge.<\/p>

    Attackers leverage this to create administrative accounts tied to attacker-controlled\u00a0SaaS organizations.\u00a0<\/p>

    The registration process exposes critical session variables through debug endpoints like \/index.php\/Addin\/login\/index.html, enabling UUID extraction for SaaS activation.<\/p>

    Post-registration, attackers manipulate session cookies to hijack the SaaS context. This forces the server to bind the session to the malicious SaaS organization, allowing access to the Cloud Drive Add-in.\u00a0<\/p>

    The system improperly validates file uploads in the Add-in module, accepting PHP files without\u00a0authentication\u00a0checks.\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    New Microsoft 365 outage impacts Teams, causes call failures<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers\u00a0and causing call failures.<\/p>

    Since the incident started more than\u00a0one\u00a0hour\u00a0ago, outage monitoring service Downdetector has received\u00a0hundreds of reports, with affected users saying they’re also experiencing authentication problems.<\/p>

    “Users may not be able to receive calls placed through Microsoft Teams-provisioned auto attendants and call queues,” the company\u00a0said in a new service alert (TM1022107) in the Microsoft 365 admin center.<\/p>

    The video player is currently playing an ad. You can skip the ad in 5 sec with a mouse or keyboard<\/p>

    “We’re analyzing service telemetry and call metadata to better understand the nature of impact and determine our next steps.”<\/p>

    Microsoft has yet to share what regions are impacted by this ongoing outage and more information on the incident’s root cause.<\/p>

    Despite Redmond saying\u00a0the incident only affects the Teams communication platform, users report a much broader impact. They’re also experiencing issues connecting to Outlook, OneDrive, and Exchange or checking email messages.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    <\/span> 4<\/span> mins read<\/span><\/span>IoT devices infected, malware on Android devices, vulnerabilities for HiveOS and WordPress… Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our […]<\/p>\n","protected":false},"author":1,"featured_media":4434,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4426","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 10th March 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 10th March 2025\" \/>\n<meta property=\"og:description\" content=\"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-10T07:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 10th March 2025\",\"datePublished\":\"2025-03-10T07:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/\"},\"wordCount\":1260,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/2025-03-10.jpg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/\",\"name\":\"Weekly Security News - 10th March 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/2025-03-10.jpg\",\"datePublished\":\"2025-03-10T07:00:00+00:00\",\"description\":\"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/2025-03-10.jpg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/2025-03-10.jpg\",\"width\":1200,\"height\":627,\"caption\":\"2025-03-10\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/03\\\/10\\\/weekly-security-news-10th-march-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 10th March 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 10th March 2025 - D2NA","description":"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 10th March 2025","og_description":"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/","og_site_name":"D2NA","article_published_time":"2025-03-10T07:00:00+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 10th March 2025","datePublished":"2025-03-10T07:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/"},"wordCount":1260,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/","name":"Weekly Security News - 10th March 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg","datePublished":"2025-03-10T07:00:00+00:00","description":"Microsoft shutting down Skype, over 1.6m Android TV's infected worldwide, vulnerabilities for Microsoft, Adobe and Oracle...","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/03\/2025-03-10.jpg","width":1200,"height":627,"caption":"2025-03-10"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/03\/10\/weekly-security-news-10th-march-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 10th March 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4426","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4426"}],"version-history":[{"count":7,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4426\/revisions"}],"predecessor-version":[{"id":4433,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4426\/revisions\/4433"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4434"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4426"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}