Vulnerable Milesight Routers Used for SMS Phishing Attacks

Cyber Security News by CyberSum.net

Published on October 1, 2025 at 06:04 PM

5 sources

Threat actors are abusing vulnerable Milesight industrial cellular routers to conduct widespread smishing campaigns. The attackers exploit the routers' APIs to send malicious SMS messages containing phishing links that impersonate government services, banks, and postal providers. This activity, ongoing since at least 2022, leverages a known vulnerability (CVE-2023-43261) and device misconfigurations. By using a decentralized network of compromised routers, the attackers can distribute messages across multiple regions while complicating detection efforts. The campaign highlights how insecure IoT devices can be weaponized for large-scale phishing operations.

Also Read

OpenShift AI Flaw Allows Full Cluster Takeover (CVE-2025-10725)

A severe vulnerability in Red Hat OpenShift AI (CVE-2025-10725) allows low-privileged users to escalate their permissions to full cluster administrator. The flaw stems from an overly permissive ClusterRole assignment that grants any authenticated user the ability to create jobs across the entire cluster. An attacker with minimal access, such as a data scientist account, can abuse this permission to run malicious jobs with elevated rights. This could lead to a complete compromise of the cluster, including data theft and service disruption. Administrators are urged to mitigate the risk by immediately removing the insecure ClusterRoleBinding and adopting a least-privilege security model.

By Cyber Security News by CyberSum.netOctober 1, 2025 at 06:04 PM