ThreatsDay Weekly: Redis RCE, RMM Abuse, AI Voice Brief
🛡️ This week’s ThreatsDay covers a broad set of active risks: a critical Redis XACKDEL stack‑overflow RCE (CVE‑2025‑62507, CVSS 8.8) with ~2,924 servers affected, signed malware campaigns by BaoLoader, and surging abuse of legitimate RMM tools delivered by phishing. Researchers also disclosed RCE in AI/ML libraries via Hydra.instantiate() misuse and a new voice‑cloning evasion technique, VocalBridge. Multiple OT, Wi‑Fi, and smart‑contract incidents — and law‑enforcement activity — round out this week’s notable developments. Prioritize patches, certificate vetting, and account hygiene.
