- Mycomputerspot Security Newsletter
Market & Momentum - 10/13/2025
7-Zip’s symbolic link flaw; GoAnywhere under active ransomware use; and Oracle drops another EBS zero-day - this week’s risk climate demands surgical speed.
Over the last few days, two high-severity 7-Zip vulnerabilities (CVE-2025-11001 / CVE-2025-11002) have come to light, Microsoft confirmed that GoAnywhere MFT’s CVE-2025-10035 is under active exploitation by ransomware groups, and Oracle warned of a new EBS flaw, CVE-2025-61884, allowing remote access without authentication.
Add in fresh KEV catalog additions and new ICS advisories, and the defense window is shrinking.
Trend (broad) | Likelihood (0–10) | Impact (0–10) | What to watch |
---|---|---|---|
RCE via archive handling (7-Zip) | 8 | 8 | Symbolic link bypass in ZIP extraction |
File transfer gateway compromise | 8 | 9 | Exploitation of GoAnywhere MFT in ransomware campaigns |
Oracle EBS remote code risk | 7 | 8 | New unauthenticated access bug in EBS systems |
ICS / OT advisories & exposure | 6 | 7 | New CISA ICS alerts for industrial systems |
KEV expansion & enforcement pressure | 7 | 7 | Catalog additions increasing mandatory patch windows |
7-Zip symbolic link RCE flaws - CVE-2025-11001 and CVE-2025-11002 allow malicious ZIP archives to escape extraction directories and execute code.
Microsoft warns GoAnywhere zero-day exploited - CVE-2025-10035 is actively used by Storm-1175 and linked ransomware incidents.
Oracle issues alert for EBS zero-day CVE-2025-61884 - The flaw enables unauthenticated remote access into critical modules of Oracle EBS environments.
CISA adds seven to Known Exploited Vulnerabilities - New entries tighten patch enforcement windows for affected products.
CISA issues fresh ICS/OT advisories - A wave of industrial control system vulnerabilities demands attention from critical infrastructure operators.
Archive tooling under strain: RCE via ZIP is a recurring vector - attackers keep revisiting low-level file utilities.
Gateway to compromise: File transfer systems (like GoAnywhere) are lucrative paths for lateral access.
Business ERP in the crosshairs: Oracle’s repeat EBS issues highlight how core enterprise systems are now exploitation targets.
Industrial systems exposed: New ICS alerts suggest that even air-gapped systems are being reevaluated as risk surfaces.
Mandated urgency via KEV: Catalog expansions force defenders into shorter patch cycles - tactical resilience is essential.
7-Zip exploit: Mandate update to version 25.01 or later; block extraction of archives from untrusted sources on endpoints.
GoAnywhere MFT: Patch CVE-2025-10035 immediately; deny external admin access; review logs for ‘SignedObject.getObject’ misuse.
Oracle EBS zero-day: Apply CVE-2025-61884 patch urgently; segment EBS from general network traffic.
ICS/OT systems: Review new CISA advisories; update firewall rules, monitor telemetry, and isolate risky endpoints.
KEV response: Reconcile new KEV entries with your asset inventory; generate attestation plans for newly listed products.
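The 7-Zip item above concerns archives whose symbolic links escape the extraction directory. As an added example (not from this newsletter or the 7-Zip project), the Python check below inspects a ZIP before extraction and flags entry names or symlink targets that resolve outside the extraction root. It is a generic pre-extraction check for this class of issue, not a reproduction of CVE-2025-11001 / CVE-2025-11002; the function names and the sample archive are constructed for illustration.

```python
import io
import posixpath
import stat
import zipfile


def entry_escapes(name: str, base: str = "") -> bool:
    """True if `name`, resolved relative to `base`, leaves the extraction root."""
    if name.startswith(("/", "\\")) or (len(name) > 1 and name[1] == ":"):
        return True  # absolute POSIX path, UNC path or Windows drive letter
    joined = posixpath.normpath(posixpath.join(base, name.replace("\\", "/")))
    return joined == ".." or joined.startswith("../")


def audit_zip(data: bytes) -> list:
    """Return (entry name, reason) findings without extracting anything."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if entry_escapes(info.filename):
                findings.append((info.filename, "path leaves extraction root"))
            # Unix mode bits live in the upper 16 bits of external_attr.
            if stat.S_ISLNK(info.external_attr >> 16):
                target = zf.read(info).decode("utf-8", "replace")
                parent = posixpath.dirname(info.filename)
                if entry_escapes(target, parent):
                    findings.append((info.filename, f"symlink target escapes: {target}"))
    return findings


def build_sample() -> bytes:
    """Constructed archive: one regular file, one inside link, one escaping link."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "hello")
        for name, target in (("docs/ok", "readme.txt"), ("docs/out", "../../outside")):
            link = zipfile.ZipInfo(name)
            link.create_system = 3  # Unix, so the mode bits are meaningful
            link.external_attr = (stat.S_IFLNK | 0o777) << 16
            zf.writestr(link, target)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_zip(build_sample()):
        print(f"{name}: {reason}")
```

A stricter policy for untrusted sources is to reject any archive that contains a symlink entry at all, since this check evaluates each link target on its own.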
When new KEV entries land alongside emergency patches, defenders get clear priorities, and responding is no longer optional.
Attackers keep probing the plumbing. The race is no longer about prevention; it’s about immediate patching and isolation.
J.W.
(P.S. Forward to your CISO / Add to Board Briefing!)