Weekly Exploit Roundup 2026-01-06

Generated 2026-01-06T08:00:13.412695+00:00 (UTC)

  1. Metasploit 2025 Annual Wrap-Up
    Source: Rapid7 Cybersecurity Blog | Published: 2026-01-05T20:31:31+00:00 | Score: 21.458
    Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up (and a New Year). All of the metrics and modules you see here would in large part not be possible without the dedicated community members who care about the Framework and its mission on all the days of the year. It is their hard work and dedication that makes it look like magic, and sometimes, it feels like it too. A heartfelt thank you to all of our researchers and contributors, you're what makes Metasploit Framework so resilient. This year brought its share of notable vulnerabilities, substantial framework improvements, and continued evolution of the project. Whether you submitted a module, filed an issue, or helped triage a bug, your contributions have kept Metasploit relevant and powerful. So without further ado, let's dive into the highlights from 2025. Persistence Overhaul: One of the year's significant infrastructure improvements came from community contributor h00die,
  2. CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
    Source: The Hacker News | Published: 2025-12-30T16:28:00+00:00 | Score: 17.852
    The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution.
    The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution without requiring any
  3. New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
    Source: The Hacker News | Published: 2026-01-06T05:08:00+00:00 | Score: 17.515
    A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host.
    The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a protection mechanism failure.
    It affects n8n versions from
  4. Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
    Source: The Hacker News | Published: 2026-01-06T03:30:00+00:00 | Score: 17.466
    Users of the "@adonisjs/bodyparser" npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server.
    Tracked as CVE-2026-21440 (CVSS score: 9.2), the flaw has been described as a path traversal issue affecting the AdonisJS multipart
  5. Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
    Source: BleepingComputer | Published: 2026-01-02T16:01:55+00:00 | Score: 12.582
    Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability. […]
  6. RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
    Source: The Hacker News | Published: 2026-01-01T09:19:00+00:00 | Score: 12.068
    Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox.
    As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK said in an
  7. Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System
    Source: The Hacker News | Published: 2025-12-31T13:37:00+00:00 | Score: 10.481
    IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application.
    The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication bypass flaw.
    "IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain
  8. Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes
    Source: SecurityWeek | Published: 2026-01-05T12:01:59+00:00 | Score: 9.906
    WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day.
  9. ⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
    Source: The Hacker News | Published: 2026-01-05T12:53:00+00:00 | Score: 9.531
    The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit.
    This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,
  10. The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations
    Source: The Hacker News | Published: 2026-01-05T11:55:00+00:00 | Score: 9.502
    Featuring:

    Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of architecture, trust, and execution speed.
    This report examines how core areas of cybersecurity are evolving in

End of report.
