{"id":4835,"date":"2025-06-09T08:42:50","date_gmt":"2025-06-09T07:42:50","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4835"},"modified":"2025-06-09T09:51:51","modified_gmt":"2025-06-09T08:51:51","slug":"weekly-security-news-9th-june-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/","title":{"rendered":"Weekly Security News – 9th June 2025"},"content":{"rendered":"<\/span> 5<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Two information disclosure flaws have been identified in\u00a0apport\u00a0and\u00a0systemd-coredump, the\u00a0core dump\u00a0handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU).<\/p>

Tracked as\u00a0CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems.<\/p>

“These race conditions allow a local attacker to exploit a SUID program and gain read access to the resulting core dump,” Saeed Abbasi, manager of product at Qualys TRU,\u00a0said.<\/p>

A brief description of the two flaws is below –<\/p>

  • CVE-2025-5054\u00a0(CVSS score: 4.7) – A race condition in Canonical apport package up to and including 2.32.0 that allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces<\/li>
  • CVE-2025-4598\u00a0(CVSS score: 4.7) – A race condition in systemd-coredump that allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original’s privileged process coredump, allowing the attacker to read sensitive data, such as \/etc\/shadow content, loaded by the original process<\/li><\/ul>

    SUID, short for Set User ID, is a\u00a0special\u00a0file permission\u00a0that allows a user to execute a program with the privileges of its owner, rather than their own permissions.<\/p>

    “When analyzing application crashes, apport attempts to detect if the crashing process was running inside a container before performing consistency checks on it,” Canonical’s Octavio Galland\u00a0said.<\/p>

    “This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace.”<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    New Safari XSS Flaw Leverages JavaScript Error Handling to Execute Arbitrary Code<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    A new\u00a0cross-site scripting (XSS)\u00a0vulnerability in Safari that exploits the browser\u2019s TypeError exception handling mechanism to execute arbitrary JavaScript code.\u00a0<\/p>

    The flaw, discovered during Gareth Heyes research into payload concealment techniques, demonstrates how Safari\u2019s improper handling of quote escaping in TypeError messages can be weaponized for malicious code execution.\u00a0<\/p>

    This vulnerability represents a significant security concern as it bypasses traditional\u00a0XSS prevention\u00a0mechanisms by leveraging the browser\u2019s own error-handling infrastructure.<\/p>

    The vulnerability stems from Safari\u2019s flawed handling of single and double quotes within TypeError exception messages.\u00a0<\/p>

    When developers attempt to use the new operator on a string literal containing mixed quotes, Safari generates a TypeError that inadequately escapes quote characters within the error message.\u00a0<\/p>

    The core issue manifests when executing code such as new \u2018foo\u201dbar\u2019, which produces the TypeError message: \u201cfoo\u201dbar\u201d is not a constructor.<\/p>

    The critical flaw lies in Safari\u2019s conversion process, where single quotes are transformed to double quotes, but the embedded double quote within the string remains unescaped.\u00a0<\/p>

    This creates a scenario where the resulting error message contains three double quotes, effectively breaking the string boundary and allowing arbitrary\u00a0JavaScript\u00a0to be injected into the exception text.\u00a0<\/p>

    The exploitation becomes possible because TypeErrors, unlike syntax errors, do not prevent subsequent JavaScript execution, creating a pathway for malicious code to run within the context of the error message.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Threat Actors Exploit \u2018Prove You Are Human\u2019 Scheme To Deliver Malware<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Cybersecurity researchers have uncovered a sophisticated malware campaign that weaponizes users\u2019 trust in routine internet verification processes to deliver malicious payloads.<\/p>

    The scheme exploits familiar \u201cprove you are human\u201d prompts, transforming seemingly innocent website interactions into vectors for malware distribution across Windows systems worldwide.<\/p>

    The campaign employs deceptive websites that mimic legitimate services, including spoofed Gitcodes\u00a0repositories\u00a0and fraudulent DocuSign verification pages, to trick users into executing malicious PowerShell scripts on their machines.<\/p>

    Victims are manipulated into copying and pasting these scripts directly into their Windows Run prompt, initiating a cascade of automated downloads that ultimately install the NetSupport Remote Access Trojan (RAT) on infected systems.<\/p>

    DomainTools analysts\u00a0identified\u00a0this malicious multi-stage downloader campaign targeting Windows users through carefully crafted social engineering techniques.<\/p>

    The researchers discovered that threat actors are leveraging multiple themed websites to host PowerShell scripts designed to bypass traditional\u00a0security measures\u00a0through their staged approach.<\/p>

    The campaign represents a significant evolution in social engineering tactics, as it requires victims to actively participate in their own compromise while believing they are completing legitimate verification procedures.<\/p>

    The attack infrastructure demonstrates remarkable sophistication, utilizing multiple registrars including Cloudflare, NameCheap, and NameSilo, with name servers distributed across cloudflare.com, luxhost.org, and namecheaphosting.com.<\/p>

    This distributed approach enhances the campaign\u2019s resilience against takedown efforts while providing attackers with multiple fallback options for payload delivery.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Cybersecurity researchers have identified a sophisticated new threat targeting the expanding Internet of Things ecosystem.<\/p>

    PumaBot, a Go-based Linux botnet, has emerged as a significant concern for organizations operating vulnerable IoT devices, particularly surveillance systems.<\/p>

    Unlike conventional malware that conducts broad internet scans, this botnet employs a more targeted and stealthy approach to compromise embedded devices running\u00a0Linux\u00a0operating systems.<\/p>

    The malware\u2019s attack methodology centers on SSH credential brute-forcing, but with a strategic twist that sets it apart from traditional botnets.<\/p>

    Rather than scanning the internet indiscriminately, PumaBot retrieves curated lists of target IP addresses from command-and-control servers, enabling it to focus its efforts on specific vulnerable devices while avoiding detection mechanisms designed to identify mass scanning activities.<\/p>

    PolySwarm analysts\u00a0identified\u00a0PumaBot during recent threat research operations, noting its sophisticated evasion capabilities and targeted approach to IoT compromise.<\/p>

    The researchers observed that the malware demonstrates particular interest in surveillance and traffic camera systems, incorporating specific fingerprinting logic to detect devices manufactured by Pumatronix, a surveillance equipment company.<\/p>

    Once PumaBot successfully infiltrates a target system through compromised SSH credentials, it immediately begins establishing persistence mechanisms designed to survive system reboots and security sweeps.<\/p>

    The primary objective appears to be\u00a0cryptocurrency mining, with researchers observing commands like \u201cxmrig\u201d and \u201cnetworkxm\u201d being executed on compromised devices to generate illicit profits for the operators.<\/p>

    The botnet\u2019s emergence highlights the growing vulnerability of IoT ecosystems, where default credentials and poor security practices create attractive targets for cybercriminals seeking to monetize compromised computing resources.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    New Crocodilus Malware Let Attacker Gain Full Control of Your Android Device<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    A sophisticated new Android banking Trojan named Crocodilus has emerged as a significant global threat, demonstrating advanced device-takeover capabilities that grant cybercriminals unprecedented control over infected smartphones.<\/p>

    First discovered in March 2025, this malware has rapidly evolved from localised test campaigns to a worldwide operation targeting financial institutions and cryptocurrency platforms across multiple continents.<\/p>

    The malware initially appeared with\u00a0campaigns\u00a0primarily focused on Turkey, but recent intelligence reveals an aggressive expansion strategy that now encompasses European countries including Poland and Spain, while extending its reach to South American markets.<\/p>

    Crocodilus employs a particularly insidious distribution method through malicious Facebook advertisements that masquerade as legitimate banking and e-commerce applications, promising users bonus rewards and promotional offers to entice downloads.<\/p>

    Threat Fabric analysts\u00a0noted\u00a0that these fraudulent advertisements operated with remarkable stealth, remaining active for only one to two hours while achieving over a thousand impressions each.<\/p>

    The campaigns specifically targeted users over 35 years old, strategically focusing on demographics with higher disposable income and greater likelihood of engaging with financial services.<\/p>

    Upon clicking download links, victims are redirected to malicious websites that deliver the Crocodilus dropper, which has been engineered to bypass Android 13+ security restrictions.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    OpenAI is hopeful GPT-5 will compete a little more<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    OpenAI’s next\u00a0foundational model is GPT-5, and the AI startup is hoping that the model will compete a little more with rivals.<\/p>

    Speaking at the\u00a0AI Summit\u00a0in Mexico, two OpenAI representatives\u00a0confirmed\u00a0that GPT-5 is indeed coming and that it\u2019ll be a lot better than the existing OpenAI models.<\/p>

    OpenAI is still working on GPT-5 and doesn\u2019t know how much it will cost, but it doesn\u2019t look like it will be “that” cheap, likely referring to the existing GPT-4 model.<\/p>

    In addition, an OpenAI representative added that they hope to compete a little more with GPT-5 without providing details.<\/p>

    “We hope that with GPT-5 we will be able to compete a little more,” one of the OpenAI representatives said.<\/p>

    It looks like the company is referring to the competition from the new models like Gemini 2.5 Pro and Claude 4, which do better than GPT in coding.<\/p>

    Based on what I\u2019ve heard, GPT-5 is still expected to ship sometime in the summer, but since we\u2019re talking about OpenAI, plans are always subject to change.<\/p>

    If GPT-5 doesn\u2019t appear to meet the internal performance goals, it may take a little longer to roll out, but for now, July is indeed the target.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    <\/span> 5<\/span> mins read<\/span><\/span>Linux and Safari flaws exposed, attackers gain control of Android devices, what’s next for ChatGPT? Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in […]<\/p>\n","protected":false},"author":1,"featured_media":4844,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4835","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 9th June 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 9th June 2025\" \/>\n<meta property=\"og:description\" content=\"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-09T07:42:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-09T08:51:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 9th June 2025\",\"datePublished\":\"2025-06-09T07:42:50+00:00\",\"dateModified\":\"2025-06-09T08:51:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/\"},\"wordCount\":1582,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/2025-06-09.jpeg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/\",\"name\":\"Weekly Security News - 9th June 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/2025-06-09.jpeg\",\"datePublished\":\"2025-06-09T07:42:50+00:00\",\"dateModified\":\"2025-06-09T08:51:51+00:00\",\"description\":\"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/2025-06-09.jpeg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/2025-06-09.jpeg\",\"width\":1200,\"height\":628,\"caption\":\"2025-06-09\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/06\\\/09\\\/weekly-security-news-9th-june-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 9th June 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 9th June 2025 - D2NA","description":"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 9th June 2025","og_description":"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/","og_site_name":"D2NA","article_published_time":"2025-06-09T07:42:50+00:00","article_modified_time":"2025-06-09T08:51:51+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 9th June 2025","datePublished":"2025-06-09T07:42:50+00:00","dateModified":"2025-06-09T08:51:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/"},"wordCount":1582,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/","name":"Weekly Security News - 9th June 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg","datePublished":"2025-06-09T07:42:50+00:00","dateModified":"2025-06-09T08:51:51+00:00","description":"Linux and Safari flaws exposed, attackers gain control of Android devices, what's next for ChatGPT?","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/06\/2025-06-09.jpeg","width":1200,"height":628,"caption":"2025-06-09"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/06\/09\/weekly-security-news-9th-june-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 9th June 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4835","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4835"}],"version-history":[{"count":9,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4835\/revisions"}],"predecessor-version":[{"id":4846,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4835\/revisions\/4846"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4844"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}