Cyber Daily 1/28: WinRAR Exploit Hits Russia & China, Microsoft Office Zero-Day Forces Emergency Patch, Military Tech Vulnerabilities Exposed, Linux Flaws Under Siege

Welcome to the January 28th edition of ONSEC Cyber Daily, where today's headlines weave a narrative of relentless cyber threats and vulnerabilities. Our lead story uncovers the active exploitation of a critical WinRAR path traversal flaw, CVE-2025-8088, by both nation-state actors and cybercriminals, highlighting the persistent threat landscape. As organizations grapple with these challenges, the limitations of rule-based detection systems are laid bare, leaving many vulnerable to sophisticated attacks. Meanwhile, the military's operational technology faces its own cyber vulnerabilities, underscoring the need for robust defenses. In parallel, Linux systems are under siege from exploited vulnerabilities, while Microsoft rushes to patch a zero-day flaw in Office products, CVE-2026-21509, that has been actively targeted in sophisticated attacks. The urgency of patching is echoed across the board, from TP-Link cameras to Node.js libraries, as attackers exploit slow patching rates to their advantage. As we navigate this complex cyber landscape, the rise of AI and deepfakes introduces new dimensions to cyber threats, demanding innovative security strategies. Stay informed and vigilant as we delve into these pressing issues and more in today's ONSEC Cyber Daily.

Exploits Alert

  1. WinRAR Path Traversal CVE-2025-8088 Actively Exploited: Both government-backed groups linked to Russia and China, as well as financially motivated cybercriminals, are exploiting a critical vulnerability in WinRAR. This flaw allows attackers to gain initial access to systems, posing a significant threat to users worldwide. Source
  2. Organizations Warned of Exploited Linux Vulnerabilities: CISA has issued a warning about active exploitation of vulnerabilities in Linux systems. These vulnerabilities are being targeted by cybercriminals, highlighting the need for organizations to update and secure their Linux environments promptly. Source
  3. HackerOne Addresses the Thorny Issue of Security Testing AI Systems: HackerOne is tackling the complex challenges of security testing for AI systems. As AI becomes more integrated into various technologies, identifying and mitigating vulnerabilities in these systems is crucial for maintaining cybersecurity. Source
  4. CERT-In Flags High-Risk Chrome Flaw, Urges Immediate Update: CERT-In has alerted millions of Google Chrome users to a critical flaw that exposes systems to remote cyberattacks. Users on Windows, Mac, and Linux are urged to update their browsers immediately to protect against potential exploits. Source
  5. Complete Takeover: Highly Dangerous Vulnerability in TP-Link Camera Models: TP-Link has issued a warning about a severe security vulnerability affecting many of its camera models. This flaw could allow attackers to take complete control of the devices, emphasizing the importance of applying security patches promptly. Source

Vulnerabilities & Patches

  1. Critical Sandbox Escape Flaw in vm2 NodeJS Library: A critical vulnerability, CVE-2026-22709, has been identified in the vm2 NodeJS library, allowing attackers to bypass the sandbox and execute arbitrary code. The flaw was partially addressed in version 3.10.1 and fully patched in version 3.10.2. Developers using vm2 are urged to update immediately to mitigate potential risks. Source: Bleeping Computer.
  2. Actively Exploited Microsoft Office Zero-Day Fixed: Microsoft has released emergency updates to address an actively exploited zero-day vulnerability in Microsoft Office, tracked as CVE-2026-21509. This security feature bypass flaw allows attackers to execute malicious code, emphasizing the need for immediate patch application to prevent potential takeovers. Source: SC Media.
  3. Fortinet Mitigates FortiCloud SSO Zero-Day: Fortinet has identified a zero-day vulnerability, CVE-2026-24858, affecting FortiCloud SSO. While a patch is being developed, Fortinet has implemented mitigations to prevent exploitation. Users are advised to stay updated on patch releases to secure their systems. Source: Bleeping Computer.
  4. React Faces New DoS Vulnerabilities: React has encountered a third wave of vulnerabilities, specifically Denial of Service (DoS) flaws, following recent patches. The latest of these, CVE-2026-23864, necessitates another emergency update, highlighting the ongoing security challenges in maintaining robust React applications. Source: Cyber Kendra.
  5. OpenSSL 3.6.1 Security Patch Released: OpenSSL has released version 3.6.1 to address high-severity security issues, including CVE-2025-11187. This update focuses on fixing several memory-related vulnerabilities, underscoring the importance of timely updates to maintain secure cryptographic operations. Source: Linuxiac.

Podcasts

  1. Cyber's New Reality: AI, Deepfakes, And Double Extortion: This podcast delves into the evolving landscape of cybersecurity threats, focusing on the rise of AI-driven attacks, deepfake technology, and the complexities of double extortion ransomware. It provides insights into how these threats are reshaping security strategies and what organizations can do to stay ahead. Source.
  2. PRIVACY PODCAST EPISODE ONE: A Practical Guide to the New CCPA Regulations: This episode offers a comprehensive overview of the new CCPA regulations effective from January 1, 2026, highlighting the increased cybersecurity obligations for businesses. It serves as a practical guide for companies to navigate these changes, emphasizing the importance of audits and risk assessments. Source.
  3. I'll Show You Our Resilience Plan Once Our Cloud Storage Is Back Online: This podcast from the CISO Series explores the challenges of maintaining business continuity and resilience in the face of cloud storage disruptions. It discusses strategies for developing robust resilience plans and the importance of having backup solutions to mitigate downtime. Source.
  4. Top AI Technology & Cybersecurity Podcasts to Follow in 2026: This podcast series provides insights into cutting-edge AI technologies and their implications for cybersecurity. Recent episodes focus on MCP security considerations and agentic architecture patterns, offering unique perspectives not found elsewhere. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. From the actively exploited WinRAR Path Traversal CVE-2025-8088 to the persistent threats lurking in Microsoft Office vulnerabilities, the need for vigilance and proactive measures is paramount. Whether you're a cybersecurity professional or just someone keen on staying informed, sharing this knowledge is crucial. By spreading the word, you empower your friends and colleagues to fortify their defenses against these evolving threats. Let's build a more secure digital world together—share this newsletter and stay ahead of the curve. Until tomorrow, stay safe and cyber-aware!