ONSEC: Boutique Penetration Testing Agency

Sign in Subscribe

ONSEC.io Research Team

ONSEC.io Research Team

Cyber Daily 2/10: AI Romance Scams Target Daters, Irish Homes Face Streaming Cyberattacks, Ivanti Mobile Flaw Alert, BeyondTrust RCE Vulnerability

Cyber Daily 2/10: AI Romance Scams Target Daters, Irish Homes Face Streaming Cyberattacks, Ivanti Mobile Flaw Alert, BeyondTrust RCE Vulnerability

Welcome to the February 10th edition of ONSEC Cyber Daily, where we unravel the tangled web of today's most pressing cybersecurity threats. As Valentine's Day approaches, love isn't the only thing in the air—AI-driven romance scams are on the rise, leaving online daters

Cyber Daily 2/6: VMware ESXi Ransomware Surge, Russian Olympic Cyberattacks, n8n Vulnerability Exploits, WinRAR Flaw Weaponized

Cyber Daily 2/6: VMware ESXi Ransomware Surge, Russian Olympic Cyberattacks, n8n Vulnerability Exploits, WinRAR Flaw Weaponized

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities shaping our digital landscape. In this issue, we delve into the stealthy resurgence of Interlock ransomware, which has upped its game with new attack strategies. Meanwhile, Coveware's

Cyber Daily 2/5: CISA's Silent SolarWinds Alert, Bahamas Energy Grid Threat, Russia Exploits Microsoft, Shadow DNS Malware Unveiled

Cyber Daily 2/5: CISA's Silent SolarWinds Alert, Bahamas Energy Grid Threat, Russia Exploits Microsoft, Shadow DNS Malware Unveiled

Welcome to today's edition of ONSEC Cyber Daily, where the silent whispers of vulnerabilities echo louder than ever. In a world where cyber threats lurk in the shadows, CISA has quietly updated its Known Exploited Vulnerabilities catalog, yet no alarms were raised. As ransomware groups exploit these silent

Cyber Daily 2/4: SolarWinds, Microsoft Office Exploits, Russian Cyber Threats, Underground Financial Networks

Cyber Daily 2/4: SolarWinds, Microsoft Office Exploits, Russian Cyber Threats, Underground Financial Networks

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities that shape our digital landscape. In a world where every click and keystroke can open doors to unseen dangers, CISA has sounded the alarm on four critical vulnerabilities, including

Cyber Daily 1/30: Ivanti & Fortinet Zero-Days Exploited, SolarWinds & Microsoft Patch Critical Flaws, Nation-State Actors Target WinRAR Vulnerability

Cyber Daily 1/30: Ivanti & Fortinet Zero-Days Exploited, SolarWinds & Microsoft Patch Critical Flaws, Nation-State Actors Target WinRAR Vulnerability

Welcome to today's edition of ONSEC Cyber Daily, where we unravel a web of critical vulnerabilities and urgent patches that are shaking the cybersecurity landscape. Ivanti has sounded the alarm on two zero-day vulnerabilities in its Endpoint Manager Mobile, urging immediate action as hackers exploit these flaws. Meanwhile,

Cyber Daily 1/28: WinRAR Exploit Hits Russia & China, Microsoft Office Zero-Day Forces Emergency Patch, Military Tech Vulnerabilities Exposed, Linux Flaws Under Siege

Cyber Daily 1/28: WinRAR Exploit Hits Russia & China, Microsoft Office Zero-Day Forces Emergency Patch, Military Tech Vulnerabilities Exposed, Linux Flaws Under Siege

Welcome to the January 28th edition of ONSEC Cyber Daily, where today's headlines weave a narrative of relentless cyber threats and vulnerabilities. Our lead story uncovers the active exploitation of a critical WinRAR path traversal flaw, CVE-2025-8088, by both nation-state actors and cybercriminals, highlighting the persistent threat landscape.

Cyber Daily 1/27: CISA Alerts on VMware & Zimbra Exploits, NYDFS Phishing Scam Warning, Microsoft Patches Office Zero-Day, Apache Hadoop Vulnerability Risks

Cyber Daily 1/27: CISA Alerts on VMware & Zimbra Exploits, NYDFS Phishing Scam Warning, Microsoft Patches Office Zero-Day, Apache Hadoop Vulnerability Risks

Welcome to the January 27th edition of ONSEC Cyber Daily, where today's headlines weave a tale of escalating cyber threats and urgent defenses. The U.S. Cybersecurity Agency has sounded the alarm, adding six new vulnerabilities to its known-exploited list, spotlighting critical flaws in VMware vCenter and Zimbra.