Cyber Daily 10/28: CISA Warns on Veeder-Root & WSUS Flaws, OpenAI & WhatsApp Vulnerabilities Exploited
Welcome to the ONSEC Cyber Daily for October 28, where today's cybersecurity landscape unfolds like a high-stakes thriller. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on critical vulnerabilities in Veeder-Root systems, potentially allowing attackers to execute system commands with ease. Meanwhile, a newly discovered flaw in the OpenAI Atlas Browser threatens to unleash malicious scripts within ChatGPT, raising the stakes for AI security. As if that weren't enough, hackers are exploiting a botched patch in Microsoft's Windows Server Update Services (WSUS), tracked as CVE-2025-59287, leaving organizations scrambling to secure their systems. In the midst of these digital skirmishes, the Pwn2Own competition reveals a zero-click vulnerability in WhatsApp, adding another layer of urgency to the cybersecurity narrative. Stay tuned as we delve into these unfolding stories, where every vulnerability is a potential plot twist in the ongoing saga of cyber defense.
Exploits Alert
- CISA Alerts on Critical Veeder-Root Flaws Allowing Attackers to Execute System Commands: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding serious vulnerabilities in Veeder-Root systems. These flaws could allow attackers to execute arbitrary system commands, posing significant risks to affected infrastructures. Organizations using these systems are urged to apply patches immediately to mitigate potential exploitation. Source: GB Hackers.
- OpenAI Atlas Browser Vulnerability Lets Attackers Execute Malicious Scripts in ChatGPT: A critical vulnerability identified by cybersecurity firm LayerX in the OpenAI Atlas Browser allows attackers to execute malicious scripts within ChatGPT. This flaw could lead to unauthorized data access and manipulation if exploited. Users are advised to update their systems and apply recommended security measures to prevent potential attacks. Source: GB Hackers.
- Attackers Bypass Patch in Deprecated Windows Server Update Tool: CyberScoop reports that attackers have found a way to bypass a patch in the deprecated Windows Server Update Services (WSUS) tool. This vulnerability allows cybercriminals to exploit unpatched systems, potentially leading to unauthorized access and data breaches. Organizations are advised to ensure all patches are up to date and to consider phasing out WSUS. Source: CyberScoop.
- Pwn2Own Hackers Privately Report WhatsApp Zero-Click Vulnerability to Meta: During the Pwn2Own Ireland 2025 hacking competition, cybersecurity researchers from Team Z3 reported a zero-click vulnerability in WhatsApp to Meta. This vulnerability could allow attackers to compromise devices without user interaction. Meta is expected to release a patch soon to address this critical issue. Source: CyberPress.
- Hackers Exploiting Microsoft WSUS Vulnerability In The Wild - 2800 Instances Exposed Online: Cybersecurity News highlights that hackers are actively exploiting a vulnerability in Microsoft WSUS, with over 2800 instances exposed online. This exploitation involves deploying NetSupport RAT loaders using the ClickFix technique, posing severe risks to affected systems. Immediate patching and enhanced security measures are recommended to prevent further exploitation. Source: Cybersecurity News.
Vulnerabilities & Patches
- Microsoft WSUS Remote Code Execution Vulnerability: A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-59287, has been actively exploited in the wild. This flaw in Windows Server Update Services (WSUS) allows attackers to execute arbitrary code remotely, posing a significant threat to organizations relying on WSUS for updates. Microsoft has released a patch, and organizations are urged to apply it immediately to mitigate the risk. Source: The Register, Palo Alto Networks, Bleeping Computer.
- Critical Dell Storage Manager Flaws: Dell Storage Manager has been found to have a critical improper authentication flaw, identified as CVE-2025-43995. This vulnerability could allow unauthorized access to sensitive data. Dell has issued a patch, and it is crucial for users to update their systems to prevent potential data breaches. Source: IT Pro.
- Chrome 0-Day Vulnerability Exploited: A zero-day vulnerability in Chrome, CVE-2025-2783, is being actively exploited by the hacker group Mem3nt0 Mori. This flaw affects Chromium-based browsers, and users are advised to update their browsers immediately to the latest patched version to protect against potential attacks. Source: GB Hackers, Cybersecurity News.
- BIND 9 DNS Flaw Exposes Servers: Over 706,000 BIND 9 DNS resolvers are vulnerable to cache poisoning due to CVE-2025-40778. This flaw could allow attackers to manipulate DNS responses, leading to potential data interception or redirection. Immediate upgrades to patched versions are recommended by ISC to secure affected systems. Source: The Cyber Express.
- ToolShell Exploit in Public-Facing Applications: Cisco has identified a sharp increase in attacks on public-facing applications due to the ToolShell exploit, which targets the vulnerabilities CVE-2025-53770 and CVE-2025-53771. These flaws impact applications built with python-socket.io, and security teams are advised to patch immediately to prevent unauthorized access. Source: SC World.
Podcasts
- Exploring Toxic Romance: 'Lose the Plot' Podcast Dives Deep into T.L. Swan's 'The Stopover': This podcast episode of "Lose the Plot with Carla and Emily" delves into the cyber safety issues embedded within the dramatic narrative of *The Stopover* by T.L. Swan. The hosts explore the complexities of toxic romance and its implications for personal security, offering listeners a unique blend of literary analysis and cybersecurity awareness.
- Silicon In Focus Podcast: Jason Lau, Chief Information Security Officer at Crypto.com: In this insightful episode, Jason Lau, a member of the ISACA Board, shares his expertise on the evolving landscape of cybersecurity. Whether you're a CISO, a security practitioner, or simply curious about the field, Lau's discussion provides valuable perspectives on managing security in the fast-paced world of cryptocurrency.
- Cybersecurity Unplugged: The Future of AI in Security: This podcast explores the intersection of artificial intelligence and cybersecurity, discussing how AI is transforming threat detection and response. Experts weigh in on the potential benefits and risks of AI-driven security solutions, providing listeners with a comprehensive overview of the future landscape.
- The Privacy Paradox: Navigating Data Protection in the Digital Age: This podcast series tackles the complex issues surrounding data privacy and protection in today's digital world. Featuring interviews with leading privacy advocates and legal experts, it offers practical advice on safeguarding personal information while navigating the challenges of modern technology.
- Darknet Diaries: The Rise of Ransomware: In this gripping episode, the podcast delves into the rise of ransomware attacks, exploring real-life cases and the impact on businesses and individuals. The host interviews cybersecurity experts and victims, providing a chilling yet informative look at this growing threat.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. From CISA's urgent alerts on critical Veeder-Root vulnerabilities to the crafty exploits targeting Windows Server updates, the cybersecurity world is in constant motion. Each vulnerability, like a piece of a larger puzzle, reminds us of the intricate web of challenges we face in safeguarding our digital domains. In this ever-evolving narrative, staying informed is our best defense. We encourage you to share this newsletter with your friends and colleagues, helping to spread awareness and fortify our collective cyber resilience. Together, we can navigate these digital challenges and build a safer, more secure future. Until tomorrow, stay vigilant and stay secure!
