Cyber Daily 1/7: CISA's 2025 Vulnerability Surge, IBM API Alert, n8n Command Flaw, Fermilab Cyberattack, Samsung's 2026 Patch, Dolby Android Fix, Open WebUI AI Risk

Welcome to the ONSEC Cyber Daily, where today's issue dives into the relentless surge of cyber vulnerabilities that have marked the year 2025 as a pivotal moment in cybersecurity history. As the CISA KEV catalog reveals an alarming acceleration in exploited vulnerabilities, the pressure on zero-day defenses intensifies with a 20% spike in newly exploited flaws. This narrative unfolds against a backdrop of critical security breaches, from the n8n automation platform's command execution flaw to the IBM API Connect vulnerability alert. Meanwhile, the global stage witnesses cyberattacks like the one at US Fermilab, exacerbated by a Microsoft SharePoint vulnerability. As Samsung rolls out its January 2026 security patch with 55 fixes, the urgency for robust cybersecurity measures becomes ever more apparent. Join us as we explore these interconnected threats and the evolving landscape of digital security.

Exploits Alert

  1. Exploited Vulnerabilities Accelerated in 2025, CISA KEV Catalog Shows: The reacceleration of exploited vulnerabilities in 2025 highlights the ongoing and evolving threat of cyberattacks. This trend underscores the need for continuous vigilance and adaptation in cybersecurity strategies. Source: SC Media
  2. Zero-day Pressure Mounts as Newly Exploited Flaws Jump 20%: A recent analysis by Cyble of CISA's KEV list reveals a 20% increase in newly exploited flaws, emphasizing the growing pressure on organizations to address zero-day vulnerabilities promptly. This surge calls for enhanced detection and response capabilities. Source: Digit.fyi
  3. n8n Automation Platform Hit by Arbitrary Command Execution Flaw: A critical vulnerability in the n8n workflow automation platform allows authenticated users to execute arbitrary commands, posing a significant security risk. Immediate patching and user authentication reviews are recommended to mitigate potential exploitation. Source: Cyber Press
  4. Critical IBM API Connect Flaw CVE-2025-13915 Alert: The Cyber Security Agency of Singapore has issued an alert for a critical vulnerability in IBM API Connect, urging organizations to apply patches to prevent potential exploitation. This flaw could lead to unauthorized access and data breaches if left unaddressed. Source: Cyble
  5. US Fermilab Hit By Cyberattack Amid Global Microsoft SharePoint Vulnerability: A cybersecurity breach at US Fermilab, linked to a vulnerability in Microsoft's SharePoint, highlights the widespread impact of unpatched software. This incident underscores the importance of timely updates and robust security measures to protect sensitive data. Source: MSN

Vulnerabilities & Patches

  1. Samsung Begins January 2026 Security Patch Rollout with 55 Fixes in One UI for Galaxy: Samsung has initiated its January 2026 security patch rollout, addressing 55 vulnerabilities in its One UI for Galaxy devices. Among these, the critical CVE-2024-43859 could potentially allow remote exploitation under certain conditions. This update underscores Samsung's commitment to maintaining device security. Source: Mixvale.
  2. High-Severity Flaw in Open WebUI Affects AI Connections: A significant vulnerability in Open WebUI, affecting AI connections, was disclosed after being reported in October 2025. The flaw, now patched, highlights the importance of timely updates in AI-driven environments to prevent potential exploitation. Source: Infosecurity Magazine.
  3. Critical Dolby Vulnerability Patched in Android: Google has addressed a critical vulnerability in Dolby UDC, tracked as CVE-2025-54957, which was discovered in October 2025. This buffer overflow issue could have led to severe security breaches if left unpatched, emphasizing the need for continuous vigilance in multimedia components. Source: SecurityWeek.
  4. Critical Dolby Leak in Android Patched by Google: The CVE-2025-54957 vulnerability in Dolby UDC versions 4.5 to 4.13 has been patched by Google. This buffer overflow flaw, occurring during data processing, could have been exploited for malicious purposes, highlighting the critical nature of regular security updates. Source: Techzine Global.
  5. n8n Vulnerability CVE-2025-68668 Enables Command Execution: A critical vulnerability in n8n, identified as CVE-2025-68668, allows arbitrary command execution due to a sandbox bypass in the Python Code Node. The patch details and security measures have been released to mitigate this risk, underscoring the importance of securing automation tools. Source: The Cyber Express.

Podcasts

  1. Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 264: 2026: This podcast delves into the intersection of healthcare and technology, exploring topics from cybersecurity threats to the integration of AI in medical practices. Hosts Lauren and Matthew provide insights from recent industry conversations, highlighting the evolving landscape of healthcare. Source
  2. AI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026?: This episode from Security Boulevard discusses the future of cybersecurity, focusing on the impact of AI and quantum computing. It examines how these technologies will redefine risk models and security strategies in the coming years. Source
  3. Imagine Scaling Mistakes 5x Faster. Thank You, Automation! (LIVE in NY): The CISO Series podcast explores the challenges and opportunities of automation in cybersecurity. This episode, recorded live in New York, discusses how automation can amplify both successes and failures, urging listeners to consider the implications of rapid technological scaling. Source

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the landscape of cybersecurity is ever-shifting, with vulnerabilities accelerating at an unprecedented pace. The year 2025 has shown us that the threat of cyberattacks is not only persistent but evolving, as highlighted by the CISA KEV catalog and the surge in zero-day exploits. From critical flaws in popular platforms like n8n and IBM API Connect to the global implications of vulnerabilities in Microsoft SharePoint, the need for vigilance and proactive measures has never been more crucial. In this interconnected world, sharing knowledge is our strongest defense. We encourage you to pass this newsletter along to your friends and colleagues. Together, we can build a more informed and resilient community, ready to face the challenges of tomorrow. Stay safe, stay informed, and until next time, keep your systems secure!
