{"vulnerability": "cve-2025-61928", "sightings": [{"uuid": "348eddfb-d6f3-4fd6-aafa-609028aca5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3m3nm2iifnv25", "content": "", "creation_timestamp": "2025-10-20T19:58:14.880093Z"}, {"uuid": "de3da4f6-c09d-44c7-81f5-3f7a94764bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3m3rkompw7c2p", "content": "", "creation_timestamp": "2025-10-22T09:44:23.732238Z"}, {"uuid": "8ec4f1e8-32c1-44b2-8077-de43712e1be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m3b4t723ps2j", "content": "", "creation_timestamp": "2025-10-15T20:53:46.868966Z"}, {"uuid": "eea25f6f-2f0c-4909-9bf7-d161f6a3ae5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-61928", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3m3mppv2ecv26", "content": "", "creation_timestamp": "2025-10-20T11:31:14.038650Z"}, {"uuid": "c779f039-592d-409a-a92f-580d96a1e88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3m3pv7amzit26", "content": "", "creation_timestamp": "2025-10-21T17:47:17.063071Z"}, {"uuid": "c79f4210-9e84-4fde-ad1f-93dfd1c34055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-61928", "type": "seen", "source": "https://bsky.app/profile/0x4d6165.wanderingwires.net.ap.brid.gy/post/3m3o3frzhe2a2", "content": "", "creation_timestamp": "2025-10-21T00:34:21.435402Z"}, {"uuid": "b870c396-bc92-428c-b614-70e9b35f89a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-61928", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-0bdc0bc6-e63b33b7dcb5b017", "content": "", "creation_timestamp": "2025-10-24T14:15:39.344651Z"}, {"uuid": "4d499793-df1a-4e8d-8358-84a635b5e19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3m3svpho2nm2j", "content": "", "creation_timestamp": "2025-10-22T22:34:20.446242Z"}, {"uuid": "f8807a73-9f3a-4db9-88d1-43c52a6b5aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3m3osfpb4a22r", "content": "", "creation_timestamp": "2025-10-21T07:24:32.841418Z"}, {"uuid": "5ea84fe0-e686-4cb0-9f48-de9a39ae4e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/643", "content": "Top Security News for Today\n\nHow a fake AI recruiter delivers five staged malware disguised as a dream job  \nhttps://www.reddit.com/r/netsec/comments/1obgnxd/how_a_fake_ai_recruiter_delivers_five_staged/\n\nXRayC2 \u2013 Weaponizing AWS X-Ray for Covert Command and Control (C2)  \nhttps://www.darknet.org.uk/2025/10/xrayc2-weaponizing-aws-x-ray-for-covert-command-and-control-c2/\n\nAgentic AI\u2019s OODA Loop Problem  \nhttps://www.schneier.com/blog/archives/2025/10/agentic-ais-ooda-loop-problem.html\n\nEvilginx\u2019s creator reckons with the dark side of red-team tools  \nhttps://therecord.media/evilginx-kuba-gretzky-interview-click-here-podcast\n\n20th October \u2013 Threat Intelligence Report  \nhttps://research.checkpoint.com/2025/20th-october-threat-intelligence-report/\n\nHome security firm Verisure reports data breach at Swedish subsidiary  \nhttps://therecord.media/verisure-data-breach-sweden-alert-alarm-subsidiary\n\nChina claims it caught US attempting cyberattack on national time center  \nhttps://therecord.media/china-attack-national-time-center\n\nInside the attack chain: Threat activity targeting Azure Blob Storage  \nhttps://www.microsoft.com/en-us/security/blog/2025/10/20/inside-the-attack-chain-threat-activity-targeting-azure-blob-storage/\n\nTunneling WireGuard over HTTPS using Wstunnel  \nhttps://www.reddit.com/r/netsec/comments/1obogco/tunneling_wireguard_over_https_using_wstunnel/\n\nBetter-Auth Critical Account Takeover via Unauthenticated API Key Creation (CVE-2025-61928)  \nhttps://www.reddit.com/r/netsec/comments/1obrlhi/betterauth_critical_account_takeover_via/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-10-21T09:30:50.000000Z"}, {"uuid": "5c972bd3-1a55-4980-8c35-9bb20fcf8704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/10291", "content": "Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) - ZeroPath Blog\n\nhttps://zeropath.com/blog/breaking-authentication-unauthenticated-api-key-creation-in-better-auth-cve-2025-61928", "creation_timestamp": "2025-10-22T06:51:26.000000Z"}, {"uuid": "00d9ad90-ef98-4c83-a943-7f62ed407683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-61928", "type": "seen", "source": "https://t.me/TopCyberTechNews/644", "content": "Top Security News for Today\n\nThe evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques  \nhttps://securelist.com/email-phishing-techniques-2025/117801/\n\nBetter-Auth Critical Account Takeover via Unauthenticated API Key Creation (CVE-2025-61928)  \nhttps://www.reddit.com/r/netsec/comments/1obrlhi/betterauth_critical_account_takeover_via/\n\nCVE-2025-9133: ZYXEL Configuration Exposure via Authorization Bypass  \nhttps://www.reddit.com/r/netsec/comments/1oc4qwa/cve20259133_zyxel_configuration_exposure_via/\n\nA Cybersecurity Merit Badge  \nhttps://www.schneier.com/blog/archives/2025/10/a-cybersecurity-merit-badge.html\n\nFast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities  \nhttps://www.trendmicro.com/en_us/research/25/j/how-vidar-stealer-2-upgrades-infostealer-capabilities.html\n\nMicrosoft 365 Copilot - Arbitrary Data Exfiltration Via Mermaid Diagrams  \nhttps://www.reddit.com/r/netsec/comments/1occb7r/microsoft_365_copilot_arbitrary_data_exfiltration/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-10-22T09:30:16.000000Z"}]}