Brief #125: Redis CVE 10.0 RCE Hits 330K Instances, Meta's A2AS AI Framework, 50% Networks Block AI

Nikoloz Kokhreidze


Ivanti left 13 vulnerabilities unpatched until March 2026 after ZDI disclosure. Anthropic research shows just 250 poisoned documents can backdoor LLMs of any size. Half of enterprises face direct financial losses from network failures blocking AI initiatives.


Happy Sunday!

In this week's brief:

  • A perfect 10.0 CVSS vulnerability dubbed RediShell is exposing 330,000 Redis instances worldwide, allowing attackers to escape the Lua sandbox and achieve complete system compromise
  • Half of enterprise networks are too outdated to support AI initiatives according to IDC, with 94% saying their infrastructure limits large data and AI projects
  • 70% of job openings never make it to LinkedIn according to a former hiring manager, meaning you're competing with 1,500+ people for the visible 30%

A quick note before we dive in.

Industry News

RediShell: Critical Redis RCE Vulnerability Exposes 330,000 Internet-Facing Instances

  • Wiz Research discovered CVE-2025-49844, a use-after-free memory corruption vulnerability in Redis that allows attackers to escape the Lua sandbox and achieve arbitrary code execution with a CVSS 10.0 rating – the highest possible severity.

  • The vulnerability affects approximately 330,000 internet-exposed Redis instances globally, with about 60,000 lacking authentication and 57% of cloud environments running Redis as container images with potentially insecure default configurations.

  • Successful exploitation enables complete system compromise including credential theft, malware installation, data exfiltration, and lateral movement within cloud environments using stolen IAM tokens and certificates.

ZDI Discloses 13 Unpatched Ivanti Endpoint Manager Vulnerabilities

  • Trend Micro's Zero Day Initiative published advisories for 13 unpatched vulnerabilities in Ivanti Endpoint Manager, with CVSS scores ranging from 7.2 to 8.8. One flaw allows local privilege escalation while 12 enable remote code execution.

  • All vulnerabilities stem from improper validation of user-supplied input, leading to SQL injection and deserialization attacks. The bugs affect various components, including the AgentPortal service and the Report_RunPatch, DBDR, and PatchHistory classes.

  • Ivanti initially requested patches by September 2025 but later extended the timeline to March 2026 for all 12 RCE flaws. ZDI disclosed the vulnerabilities after the 120-day disclosure window expired without adequate vendor response.

Cursor IDE Case-Sensitivity Bug Enables Remote Code Execution

  • A case-sensitivity vulnerability in Cursor IDE allowed attackers to bypass file protections by using variations like .cUrSoR/mcp.json instead of .cursor/mcp.json, which the IDE treated as different files while the operating system treated them as identical on Windows and macOS.

  • The flaw could lead to remote code execution by enabling attackers to inject malicious configuration files, register unauthorized plugins, or modify build tasks that execute arbitrary shell commands without triggering Cursor's security confirmation prompts.

  • Cursor patched the vulnerability in version 1.7 by normalizing file paths and implementing case-insensitive comparisons, but the incident highlights broader security challenges as AI-powered development tools gain more autonomous capabilities to modify system configurations.
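
The class of bug described above, shown as an added example that is not Cursor's code: a protected-path check using exact string comparison next to one that compares normalized, case-folded paths. The list `PROTECTED` and the functions `isProtectedNaive`, `canonicalize` and `isProtectedHardened` are hypothetical names chosen for illustration.

```javascript
// Added illustration; all names here are hypothetical, not Cursor's implementation.
// Workspace-relative paths whose modification should require user confirmation.
const PROTECTED = [".cursor/mcp.json"];

// Before: exact, case-sensitive string match. On a case-insensitive filesystem
// a differently-cased spelling reaches the same file but misses this list.
function isProtectedNaive(relPath) {
  return PROTECTED.includes(relPath);
}

// Canonical form for comparison: unify separators, resolve "." and "..",
// then fold Unicode form and case.
// Caveat: toLowerCase() only approximates NTFS/APFS case folding.
function canonicalize(relPath) {
  const out = [];
  for (const seg of relPath.replace(/\\/g, "/").split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return out.join("/").normalize("NFC").toLowerCase();
}

// After: compare canonical forms on both sides of the check.
function isProtectedHardened(relPath) {
  const canon = canonicalize(relPath);
  return PROTECTED.some((p) => canonicalize(p) === canon);
}

// Constructed sample inputs: the exact path, case variants, and an unrelated file.
function demo() {
  const samples = [".cursor/mcp.json", ".cUrSoR/mcp.json", ".CURSOR\\MCP.JSON",
                   "src/../.Cursor/./mcp.json", "src/mcp.json"];
  return samples.map((p) => ({
    path: p,
    naive: isProtectedNaive(p),
    hardened: isProtectedHardened(p),
  }));
}

console.table(demo());
```
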
