Cyber Daily 2/12: Microsoft Word & Windows Shell 0-Days Exploited, AI in APAC Cybersecurity, GitLab & Apple Urgent Patches

Welcome to today's edition of ONSEC Cyber Daily, where we weave a narrative from the latest in cybersecurity. As the digital landscape evolves, so do the threats lurking within it. Today, we delve into the strategic integration of AI in cybersecurity across APAC organizations, highlighting how automation can alleviate alert fatigue and prioritize vulnerabilities based on real exploitability. Meanwhile, the cyber realm is abuzz with critical updates as Microsoft addresses multiple zero-day vulnerabilities, including a notorious Word flaw that bypasses security features. As attackers find new ways to exploit weaknesses, from Windows Shell to Notepad, the urgency for robust patch management becomes ever more apparent. Join us as we navigate these developments and explore how organizations can stay one step ahead in this relentless cyber arms race.

Exploits Alert

  1. Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild: A critical zero-day vulnerability in Microsoft Office Word is being actively exploited, allowing attackers to execute arbitrary code. This exploit highlights the importance of vigilance and timely updates to protect against potential threats. Organizations are urged to implement robust security measures to mitigate the risk. Source: Cyber Security News.
  2. Windows Shell Security Feature 0-Day Vulnerability Lets Attackers Bypass Authentication: A newly discovered zero-day vulnerability in Windows Shell allows attackers to bypass authentication without user consent. This exploit poses a significant threat as it can be used to gain unauthorized access to systems. Users are advised to apply security patches promptly to safeguard their systems. Source: Cyber Security News.
  3. FortiOS Authentication Bypass Vulnerability Allows Attackers to Bypass LDAP Login: A vulnerability in FortiOS enables attackers to bypass LDAP login, potentially compromising sensitive data. This exploit underscores the need for organizations to segment LDAP from the internet and enhance their security protocols. Immediate action is recommended to prevent unauthorized access. Source: Cyberpress.
  4. How APAC Organizations Can Operationalize AI in Cybersecurity: APAC organizations are leveraging AI to enhance cybersecurity by prioritizing vulnerabilities based on exploitability and automating incident triage. This approach reduces alert fatigue and improves response times, making it a crucial strategy for modern cybersecurity frameworks. Source: CDOTrends.
  5. Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication: Another critical zero-day vulnerability in Windows Shell has been identified, allowing attackers to bypass authentication mechanisms. This vulnerability is being actively exploited, emphasizing the need for immediate patching and heightened security measures. Source: Cyberpress.

Vulnerabilities & Patches

  1. Multiple Endpoint Manager bugs patched by Ivanti: Ivanti has released patches for several vulnerabilities in its Endpoint Manager, including a critical remote authentication bypass tracked as CVE-2026-1603 with a CVSS score of 8.6. This flaw could allow attackers to exploit systems remotely, emphasizing the need for immediate updates. Source: Security Affairs.
  2. Apple iPhone Users, Urgently Update To iOS 26.3 — 39 Security Issues Fixed: Apple has addressed 39 security vulnerabilities in its latest iOS 26.3 update, with the most critical being CVE-2026-20700, a memory corruption issue in the Dynamic Link Editor. This vulnerability could allow attackers to execute arbitrary code, making it crucial for users to update their devices promptly. Source: NDTV Profit.
  3. Apple fixes zero-day flaw used in 'extremely sophisticated' attacks: Apple has patched zero-day vulnerabilities CVE-2025-14174 and CVE-2025-43529, which were reportedly used in highly sophisticated attacks. These vulnerabilities highlight the ongoing threat landscape and the importance of keeping systems updated. Source: Bleeping Computer.
  4. CVE-2026-25646: Legacy Libpng Flaw Poses RCE Risk: A critical vulnerability in the widely used libpng library, CVE-2026-25646, poses a remote code execution risk. Organizations are advised to treat this as both a patching priority and a supply chain risk due to its widespread use. Source: eSecurity Planet.
  5. GitLab urges users to update after patching high-risk flaws: GitLab has released urgent patches for high-risk vulnerabilities affecting repositories and services, including cross-site scripting and injection-based flaws like CVE-2025-14560. Users are strongly encouraged to update to protect against potential exploits. Source: NotebookCheck.

Podcasts

  1. State, local government cyber's 'new normal': This podcast explores the evolving landscape of cybersecurity within state and local governments, highlighting the challenges and strategies in adapting to the 'new normal' of cyber threats. It provides insights from experts on how these entities are managing cybersecurity risks and implementing effective measures. New episodes are released every Wednesday, offering timely updates and discussions. Source: StateScoop.
  2. Regulatory Horizons: Cybersecurity and FDA Regulated Companies: This podcast delves into the intersection of cybersecurity and FDA regulations, discussing the unique challenges faced by companies in this sector. It provides expert analysis on compliance, risk management, and the latest regulatory updates, making it a valuable resource for professionals navigating these complex waters. Source: JD Supra.
  3. OpenClaw and Claude Opus 4.6: Where is AI agent security headed?: This episode from IBM's podcast series examines the future of AI agent security, focusing on the latest developments and potential threats in this rapidly evolving field. It offers insights into how AI technologies are being secured and the implications for businesses and consumers alike. Source: IBM.
  4. Google gets EU Wiz approval, Microsoft secures Secure Boot certificates: This podcast episode covers recent cybersecurity news, including Google's EU Wiz approval and Microsoft's efforts to secure Secure Boot certificates. It provides a comprehensive overview of these developments and their impact on the cybersecurity landscape, making it a must-listen for industry professionals. Source: CISO Series.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the cybersecurity landscape is as dynamic as ever. From the operationalization of AI in APAC organizations to the relentless patching of zero-day vulnerabilities, the need for vigilance and proactive measures is paramount. We've explored how prioritizing vulnerabilities based on exploitability and automating incident triage can significantly reduce alert fatigue, as highlighted by experts like Julie Davila at GitLab. In a world where Microsoft Office Word and Windows Shell vulnerabilities are actively exploited, and where Patch Tuesday brings critical updates, staying informed is your best defense. Remember, cybersecurity is a collective effort. Share this newsletter with your friends and colleagues to ensure they, too, are equipped with the latest insights and updates. Together, we can build a more secure digital future. Stay safe, stay informed, and see you in the next issue!
