Cyber Security Headlines

China-linked group linked to new malware, 2024 VMware zero-day still exploited, iOS fixes a bevy of glitches

Oct 1, 2025
Chinese hackers are stealthily targeting governments with new NetStar malware, raising alarms about long-term intelligence threats. Meanwhile, a VMware zero-day vulnerability has been actively exploited since October 2024, prompting crucial patches. Apple has rolled out fixes for 26 iOS issues, including a dangerous font parser flaw. The Asahi Group faces production halts due to a cyber attack, and nearly 50,000 Cisco firewalls remain vulnerable to remote code execution threats, underscoring the pressing need for cybersecurity vigilance.
INSIGHT

Stealthy Targeting Of Governments

  • Palo Alto Networks' Unit 42 found Phantom Taurus using a custom .NET malware suite called NetStar against governments and telecoms.
  • The group uses time-stomping and advanced evasion for long-term intelligence collection across Africa, the Middle East, and Asia.
INSIGHT

VMware Zero-Day Used For Root Access

  • Broadcom patched a high-severity Aria/VMware Tools bug exploited since October 2024 by UNC5174 to gain root on VMs.
  • Multiple related VMware zero-days and NSX flaws were also fixed after active exploitation and reporting by the NSA.
ADVICE

Apply Apple Security Updates Immediately

  • Install Apple's iOS 26.0 and related OS patches to address Wi‑Fi, cellular, photo, and font parser memory-corruption bugs.
  • Update iPadOS, macOS, watchOS, tvOS, and visionOS too and expect iOS 26.1 later in October.