Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a flurry of active cyber threats and vulnerabilities that have been making headlines. Ivanti, a leading IT company, has issued a warning about active exploitation of a bug in its Connect Secure appliances. The U.K.'s National Cyber Security Centre (NCSC) and the Cybersecurity and Infrastructure Security Agency (CISA) have echoed these concerns, urging organizations to stay vigilant and proactive in their cybersecurity measures. In other news, Ivanti has released patches for the CVE-2025-0282 zero-day vulnerability, which is currently being exploited in the wild. The tech industry is also buzzing about critical security flaws in Oracle and Mitel systems, with CISA issuing an urgent alert about three vulnerabilities currently under active exploitation. In the world of cybersecurity podcasts, we have updates from the CyberHub Podcast, CISO Stories, and the Insuring Cyber Podcast, among others. These episodes offer in-depth analysis and insights into the current cybersecurity landscape. Stay tuned for more details on these stories and other breaking cybersecurity news. Stay safe and secure!

Exploits Alert

1. Active Exploitation of Ivanti Connect Secure Appliances: Ivanti has issued a security advisory warning of active exploitation of a bug in its Connect Secure appliances. Cybersecurity firm Rapid7 has also commented on the vulnerabilities. The U.K.'s National Cyber Security Centre (NCSC) is currently working to fully understand the situation. Source: Cyber Daily, The Record, NCSC.GOV.UK
2. CISA Alert on Three Actively Exploited Vulnerabilities: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three critical vulnerabilities that are currently being actively exploited in attacks. The details of the vulnerabilities have not been disclosed. Source: Cybersecurity News
3. Mitel MiCollab Vulnerabilities Exploited in Attacks: CISA has also issued a warning about vulnerabilities in Mitel's MiCollab software that are being exploited in attacks. The nature of these vulnerabilities and the potential impact of their exploitation is currently under investigation. Source: SecurityWeek

Vulnerabilities & Patches

1. CVE-2025-0282: Ivanti Connect Secure Zero-Day Exploited: Ivanti has warned users about the active exploitation of the CVE-2025-0282 zero-day vulnerability in Connect Secure. Patches are now available and users are advised to apply them immediately, without waiting for a typical patch cycle. Source: IT Brief Australia
2. CVE-2020-2883: Oracle WebLogic Server Security Flaw: A critical security flaw, tracked as CVE-2020-2883, has been found in Oracle WebLogic Server. The bug was patched in April 2020, but it still poses a serious threat as it allows threat actors to gain access. Source: MSN
3. CVE-2024-55550: Mitel VoIP Systems Vulnerability: Mitel VoIP systems have a vulnerability tracked as CVE-2024-55550. The bug is currently under active exploit and there is no fix yet. Users are advised to patch their systems. Source: The Register
4. CVE-2024-9140: Moxa OT Device Vulnerabilities: Moxa has patched two vulnerabilities in its OT devices, including the critical CVE-2024-9140 bug. This bug could be exploited by attackers for remote code execution. Source: MSSP Alert
5. CVE-2025-0291: Chrome and Firefox Vulnerability: Developers have released a patch for a dangerous vulnerability, CVE-2025-0291, in Chrome and Firefox. Users are urged to update their browsers immediately. Source: Se7en

Podcasts

1. Engaging with Australia's next-generation Defence STEM workforce: This podcast episode discusses the importance of cyber security, cryptography, and traditional warfighting modelling in Australia's next-generation Defence STEM workforce. The episode provides a platform for debate and discussion on these critical topics. Source: Defence Connect
2. The Cyber Threat in Guam That Has US Officials Worried: The Big Take DC podcast delves into the hacking campaign "Volt Typhoon" and its implications for the US-China conflict. The episode explores the potential impact of a cyber attack in Guam. Source: Bloomberg
3. Telecom Ransomware Attack Expends Globally, UN Data Breach, Cybersecurity Safety: The CyberHub Podcast provides the latest cybersecurity news and analysis, discussing global telecom ransomware attacks, a UN data breach, and cybersecurity safety. Source: Substack
4. The Journey From Unit 8200 To The Cybersecurity Startup World – Niv Braun – FS #8: In this episode of Founder Stories, Niv Braun, co-founder and CEO, shares his journey from Unit 8200 to the cybersecurity startup world, providing insights into the challenges and opportunities in the sector. Source: SC World
5. AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: The third episode of AI Talk with Juliana Neelbauer discusses cybersecurity insurance with Ralph Pasquariello, a Senior Partner and cyber liability specialist at The Tech Collective. Source: JD Supra

Final Words

As we wrap up today's edition of 'ONSEC Cyber Daily', we want to remind you that staying informed is the first line of defense in the digital world. The cyber landscape is constantly evolving, and it's our mission to keep you updated on the latest threats and vulnerabilities. Today, we've discussed the active exploitation of a bug in Ivanti's Connect Secure appliances, the urgent alerts issued by CISA, and the importance of timely patching. We've also highlighted the latest cybersecurity news, updates, and podcasts. Remember, cybersecurity is a shared responsibility. We encourage you to share 'ONSEC Cyber Daily' with your friends and colleagues. Let's work together to create a safer cyber environment for all. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)