#227 - Intel Chat: Sudo, browser vulns, Medusa & Cloudflare blocks AI
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community: https://community.limacharlie.com/
- Two critical local privilege escalation vulnerabilities in the Sudo utility—CVE-2025-32462 and CVE-2025-32463—have been disclosed by the Stratascale Cyber Research Unit: https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot
- Google Chrome and Mozilla Firefox are both facing distinct, serious threats this week—Chrome from a zero-day vulnerability under active exploitation and Firefox from a campaign of malicious browser extensions targeting cryptocurrency users: https://www.darkreading.com/cyberattacks-data-breaches/browsers-targeted-chrome-zero-day-malicious-firefox-extensions
- The Medusa ransomware group, active since late 2021, has maintained a consistent and aggressive operational tempo into 2025: https://www.bridewell.com/insights/blogs/detail/who-are-medusa-ransomware-group
- Cloudflare has rolled out a significant change to how websites handle AI crawlers, positioning itself as the first internet infrastructure provider to block AI-driven scraping by default: https://www.securityweek.com/cloudflare-puts-a-default-block-on-ai-web-scraping/