The past week in cybersecurity was marked by the discovery of a fast-spreading worm on WhatsApp, active exploitation of a zero-day vulnerability in Oracle software, and the coordinated takedown of a major ransomware operation. Security researchers and vendors also released patches for several critical vulnerabilities affecting widely used enterprise systems.

Widespread Threats: WhatsApp Worm and Oracle Zero-Day

A new self-propagating malware, dubbed the “WhatsApp Redirect Worm,” was identified spreading through the popular messaging application. The worm propagates by sending a malicious link from a compromised account to the user’s entire contact list. When a recipient clicks the link, their device becomes infected, and the worm continues its spread. The malware’s payload is designed to exfiltrate contact lists and credentials stored on the device.

In a separate major development, an unpatched zero-day vulnerability in Oracle Fusion Middleware was confirmed to be under active exploitation. The flaw allows for unauthenticated remote code execution on affected servers. Oracle issued an emergency security alert acknowledging the attacks and has directed customers to apply immediate workarounds while a permanent patch is developed. The vulnerability has been assigned a critical severity rating.

Vulnerability Disclosures and Law Enforcement Action

This week saw the release of several critical security patches from major software vendors. Microsoft and Adobe issued updates addressing multiple remote code execution flaws in their products. Notably, a critical vulnerability, tracked as CVE-2025-10850 with a CVSS score of 9.8, was patched in a popular enterprise VPN solution. Another critical flaw, CVE-2025-21901, was addressed in the Apache Struts web application framework, preventing potential server takeovers.

On the law enforcement front, an international coalition of agencies announced the successful disruption of the ‘Black Urial’ ransomware cartel. The operation resulted in the seizure of the group’s dark web leak sites, command-and-control servers, and several cryptocurrency wallets containing millions of dollars in illicit proceeds. The cartel was known for targeting healthcare and critical infrastructure sectors.

Source: https://thehackernews.com/2025/10/weekly-recap-whatsapp-worm-critical.html