Cyber Daily 10/8: CISA Alerts on Windows & Oracle Flaws, State Agencies Vulnerable, Redis RCE Threat Looms

Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is as turbulent as ever. As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) sounds the alarm on a critical Windows flaw actively exploited by cybercriminals, state agencies are failing cyber safety tests, prompting auditors to ring a 'loud warning bell.' Meanwhile, dormant threats loom over government and critical infrastructure, with potential Iranian cyberattacks on the horizon. The urgency doesn't stop there—Oracle's E-Business Suite faces a zero-day vulnerability, exploited for ransomware attacks, while Redis servers are exposed to remote exploitation. As the cyber storm rages, the call for immediate patching and robust security measures has never been more critical. Stay informed, stay secure.

Exploits Alert
- CISA Warns of Active Exploits in Critical Windows Flaw: The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability in Windows systems. This flaw is actively being exploited, posing significant risks to organizations relying on Windows infrastructure. Immediate patching is advised to mitigate potential damage. Source: eSecurity Planet
- State Agencies Fail Cyber Safety Tests, Auditor Issues 'Loud Warning Bell': A recent audit reveals that numerous state agencies are failing to meet basic cybersecurity standards, leaving them vulnerable to cyberattacks. The report serves as a wake-up call for government entities to bolster their cybersecurity measures. Source: DeSoto County News
- The Silent Breach: Dormant Cyber Threats to Government and Critical Infrastructure: Despite ongoing diplomatic efforts, there is a looming threat of Iranian cyberattacks targeting U.S. infrastructure. Government agencies are urged to remain vigilant and enhance their cybersecurity defenses to prevent potential breaches. Source: MSSP Alert
- CISA Alerts on Oracle E-Business Suite 0-Day Actively Exploited for Ransomware Attacks: CISA has issued a critical alert regarding a zero-day vulnerability in Oracle E-Business Suite, which is being exploited for ransomware attacks. Organizations using this software should apply patches immediately to protect against potential data breaches. Source: GB Hackers
- Redis Patches Critical "RediShell" RCE Vulnerability, Update ASAP! (CVE-2025-49844): Redis has released a patch for a critical remote code execution vulnerability known as "RediShell." The German Federal Office for Information Security (BSI) has highlighted the urgency of this update, especially for the 4,000 affected systems in Germany. Source: Help Net Security

Vulnerabilities & Patches
- Redis RCE Vulnerability Lets Hackers Control Servers: A critical Redis remote code execution (RCE) vulnerability, tracked as CVE-2025-49844, allows attackers to control servers via Lua script abuse. Redis and Wiz have urged immediate patching to prevent exploitation of this 13-year-old flaw. Source: LinkedIn
- Samsung's Android 16 (One UI 8) Update Dates: Samsung's latest One UI 8 update addresses multiple vulnerabilities, including insecure storage of sensitive information (CVE-2025-21045) and improper access control (CVE-2025-21046). Users are advised to update their devices promptly to mitigate these security risks. Source: Sammy Fans
- Clop Exploited Oracle Zero-Day for Data Theft: The Clop ransomware group exploited a zero-day vulnerability in Oracle's E-Business Suite, tracked as CVE-2025-61882, for data theft. Oracle has released a patch, and users are urged to update immediately to prevent further exploitation. Source: Bleeping Computer
- OpenSSH Vulnerability Exploited Via ProxyCommand: A vulnerability in OpenSSH, identified as CVE-2025-61984, allows remote code execution through malicious Git repositories. The OpenSSH project has released a patch, and users should update to secure their systems. Source: Cybersecurity News
- Unity Security Issue Could Let Hackers Gain Access: A high-severity flaw in Unity, CVE-2025-59489, could enable attackers to execute code on Windows and Android systems. Unity has released a patch, and developers are encouraged to update their applications to protect users. Source: TechRadar

Podcasts
- Cyber Matters: The new podcast series every business leader needs to hear: This podcast series is essential for business leaders looking to stay ahead in the ever-evolving cyber landscape. It covers a wide range of topics, from emerging threats to best practices in cybersecurity, providing valuable insights for decision-makers. The episodes are designed to be accessible and informative, making complex cybersecurity concepts understandable for non-technical audiences.
- Don't Worry, We'll Get to Solving Your Problem on Slide 87 - CISO Series: Hosted by David Spark and Andy Ellis, this podcast episode dives into the challenges faced by CISOs in communicating cybersecurity issues to non-technical stakeholders. It humorously addresses the common disconnect between technical teams and business executives, offering practical advice on bridging this gap. The episode features insights from industry experts, making it a must-listen for cybersecurity professionals.
- Unity vulnerability, Oracle zero-day patched - CISO Series: This episode of the CISO Series podcast provides a timely update on recent vulnerabilities, including a Unity vulnerability and an Oracle zero-day patch. It highlights the importance of staying informed about the latest security patches and vulnerabilities to protect organizational assets. The discussion is geared towards cybersecurity professionals seeking to keep their systems secure and up-to-date.

Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever, with vulnerabilities lurking in unexpected corners. From CISA's urgent warnings about critical Windows flaws to the persistent threats targeting state agencies and critical infrastructure, the message is the same: vigilance is key. These stories remind us of the importance of staying informed and proactive in our cybersecurity efforts. In a world where cyber threats evolve rapidly, sharing knowledge is our strongest defense. If you found today's insights valuable, please share this newsletter with your friends and colleagues. Together, we can build a more secure digital future. Until next time, stay safe and stay informed!