Cyber Daily 2/25: FBI Wi-Fi Warning, US Healthcare Breach, CISA's Growing Vulnerability List, Google Chrome Patches Critical Flaws
Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In this issue, we spotlight the critical execution gap in Managed Security Service Providers (MSSPs) as they tackle vulnerability remediation. A glowing circuit board serves as a stark warning sign, highlighting the ever-present cybersecurity threats that loom over our digital infrastructure. The FBI has issued an urgent warning about outdated Wi-Fi routers, which cybercriminals exploit to create proxy networks, masking their malicious activities. Meanwhile, the Cybersecurity and Infrastructure Security Agency (CISA) continues to expand its list of known exploited vulnerabilities, underscoring the relentless pace of cyber threats. In a race against time, Google and Firefox have released emergency patches to address high-severity vulnerabilities, while SolarWinds and VMware are battling critical flaws that could lead to full server takeovers and remote code execution. As organizations and MSSPs strive to close security gaps, the question remains: can patching alone keep us safe, or do we need a more proactive approach to vulnerability management? Join us as we delve into these pressing issues and explore the evolving landscape of cybersecurity. Stay informed, stay secure.
Exploits Alert
- All Covered Targets MSSP Execution Gap with Managed Vulnerability Remediation Service: A significant gap in managed vulnerability remediation services has been identified, leaving organizations exposed to potential cyber threats. This gap highlights the need for MSSPs to enhance their vulnerability management strategies to protect their clients effectively. Source.
- FBI Issues Warning to Anyone Using These 'Unsafe' Wi-Fi Routers: The FBI has issued a warning about certain outdated Wi-Fi routers that are vulnerable to cyber attacks. These vulnerabilities allow cybercriminals to exploit the routers as proxy networks, masking their malicious activities. Source.
- Organizations, MSSPs Need to Mind the Gaps in Their Security: Barracuda: Security gaps in organizations and MSSPs are being exploited by threat actors, emphasizing the importance of addressing vulnerabilities and securing accounts. This calls for a proactive approach to cybersecurity to prevent unauthorized access. Source.
- US Healthcare Breach Affects 140k: A recent breach in the US healthcare sector has compromised the data of 140,000 individuals. This incident underscores the ongoing threat of cybercrime and the need for robust security measures in healthcare systems. Source.
Vulnerabilities & Patches
- Google Patches Three High-Severity Chrome Flaws: Google has released an emergency security update to address three high-severity vulnerabilities in Chrome, including CVE-2026-3061, which allows remote attackers to perform out-of-bounds memory reads via crafted HTML pages. This update is crucial for maintaining browser security and preventing potential exploits. Source.
- Patch These 4 Critical SolarWinds Bugs ASAP: SolarWinds has issued patches for four critical vulnerabilities, with CVE-2025-40538 being the most severe. This flaw enables attackers to create system admin users and execute arbitrary code, posing a significant risk to system integrity. Immediate patching is advised to prevent exploitation. Source.
- Firefox 148 Patches Sandbox Escapes and AI “Kill Switch”: The latest Firefox update addresses multiple use-after-free vulnerabilities in its JavaScript Engine and Garbage Collector components. These patches are essential for preventing potential sandbox escapes and ensuring browser stability and security. Source.
- SolarWinds Serv-U Patch Blocks Full Server Takeover: SolarWinds has patched CVE-2025-40538, a critical vulnerability in Serv-U that previously allowed attackers to create their own system administrator accounts. This patch is vital for preventing unauthorized access and maintaining server security. Source.
- VMware Aria Operations Vulnerability Allows Remote Code Execution: VMware has patched a medium-severity privilege escalation issue, CVE-2026-22721, in Aria Operations. This vulnerability could have allowed remote code execution, making the update crucial for safeguarding systems against potential attacks. Source.
Podcasts
- The CyberWire Daily Briefing: This podcast delivers concise and insightful updates on the latest cybersecurity news, including significant breaches and emerging threats. It provides expert analysis and actionable advice for cybersecurity professionals. Source
- Darknet Diaries: Hosted by Jack Rhysider, this podcast explores the dark side of the internet, sharing real-life stories of hackers, breaches, and cybercrime. Each episode delves into the human element behind cybersecurity incidents, making it both informative and engaging. Source
- Smashing Security: Hosted by cybersecurity veterans Graham Cluley and Carole Theriault, this podcast offers a humorous take on the week's cybersecurity news. It covers a wide range of topics, from data breaches to privacy issues, with expert guests providing additional insights. Source
- Hacking Humans: This podcast focuses on the social engineering aspect of cybersecurity, exploring how human psychology is exploited by cybercriminals. It features interviews with experts and real-world stories, offering practical advice on how to protect yourself and your organization. Source
- Malicious Life: Hosted by Ran Levi, this podcast delves into the history of cybersecurity, exploring famous hacks and the evolution of cyber threats. It combines storytelling with expert interviews to provide a comprehensive understanding of the cybersecurity landscape. Source
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, let's take a moment to reflect on the ever-evolving landscape of cybersecurity. From the glowing circuit boards that signal potential threats to the critical vulnerabilities that demand our immediate attention, it's clear that staying informed is our best defense. Whether it's the FBI's warnings about unsafe Wi-Fi routers or the relentless updates from CISA's exploited vulnerability list, each piece of information is a crucial puzzle piece in our collective effort to safeguard our digital world. Remember, the fight against cybercrime isn't one we can win alone. Share this newsletter with your friends and colleagues to ensure they, too, are equipped with the knowledge to protect themselves and their organizations. Together, we can bridge the execution gaps and fortify our defenses against the lurking cyber threats. Until tomorrow, stay vigilant and stay secure!