Cyber Daily 2/27: Telegram's Law Enforcement Cooperation, Ivanti's Vulnerability, Microsoft and Synacor's Zero-Days, WordPress Plugin Threat

Welcome to today's issue of ONSEC Cyber Daily, where we bring you the latest and most impactful cybersecurity news. Today, we delve into the changing cybercrime landscape as Telegram starts cooperating with law enforcement, pushing malicious actors to seek other platforms. We also examine the increasing efficiency of cyberattacks, with a high count of disclosed vulnerabilities providing cybercriminals with numerous entry points. In the spotlight are the 2,850+ Ivanti Connect Secure Devices exposed to potential cyberattacks, urging customers to be vigilant. We also discuss the active exploitation of critical Microsoft and Synacor zero-days, emphasizing the importance of timely patching. In our special feature, we address the challenge of non-patchable security and explore a critical XSS vulnerability in a WordPress plugin threatening over two million websites. We also highlight the GRUB2 flaws exposing millions of Linux devices to exploitation and the vulnerability of nearly 3,000 Ivanti Connect Secure instances to a critical flaw. In our podcast corner, we bring you a taste of things to come with shadow minister for defense Andrew Hastie, discussing the expanding world of state-sponsored cyber warfare. We also share insights from Tony Anscombe's monthly security roundup and a discussion on modern CISO strategies. Stay tuned for more updates on the cyber landscape and remember, knowledge is the best defense against cyber threats. Stay safe, stay informed with ONSEC Cyber Daily.

Exploits Alert

  1. Improving Threat Intelligence Collection: With Telegram now cooperating with law enforcement, the cybercrime landscape is changing as malicious actors seek alternative platforms. The importance of improving threat intelligence collection is highlighted in this new environment. Source: ChannelE2E.
  2. Cyberattacks Become Increasingly Efficient: The high number of disclosed vulnerabilities in the past year has provided cybercriminals with numerous entry points. Software suppliers remain a top target, emphasizing the need for robust cybersecurity measures. Source: MSSP Alert.
  3. Ivanti Connect Secure Devices Exposed: Over 2,850 Ivanti Connect Secure Devices are exposed to potential cyberattacks. State-sponsored groups and cybercriminals are actively scanning for these vulnerabilities to compromise high-value targets. Ivanti has urged customers to take necessary precautions. Source: GBHackers.

Vulnerabilities & Patches

  1. Critical Microsoft, Synacor zero-days face active exploitation, CISA says: Microsoft and Synacor have released patches for critical zero-day vulnerabilities (CVE-2024-0012 and CVE-2024-9474) that are currently being actively exploited. The patches were released on July 26, 2023, in version 8.8. Source: SC Magazine
  2. Addressing the challenge of non-patchable security: The article discusses the challenge of addressing non-patchable security issues, which are vulnerabilities that cannot be fixed by software updates. These vulnerabilities are often identified with a CVE (Common Vulnerabilities and Exposures). Source: BetaNews
  3. Critical XSS Vulnerability in WordPress Plugin Threatens Over Two Million Websites: A critical cross-site scripting (XSS) vulnerability in a WordPress plugin threatens over two million websites. An update has been released to safeguard websites and their users from potential attacks. Source: Vulnera
  4. GRUB2 Flaws Expose Millions of Linux Devices to Exploitation: Seven vulnerabilities in GRUB2, including Squash4 (CVE-2025-0678) and JFS (CVE-2025-0685), expose millions of Linux devices to potential exploitation. Patches have been released to address these vulnerabilities. Source: GBHackers
  5. Nearly 3,000 Ivanti Connect Secure instances vulnerable to critical flaw: Ivanti disclosed and patched a critical vulnerability (CVE-2025-22467) affecting nearly 3,000 Ivanti Connect Secure instances. The company was not aware of any exploitation of the vulnerability prior to the public disclosure. Source: Cybersecurity Dive

Podcasts

  1. Defence Connect Podcast: This podcast features an engaging discussion with Andrew Hastie, the shadow minister for defence. The episodes focus on the expanding world of state-sponsored cyber warfare and the importance of training in National Defence. Source: Defence Connect
  2. This Month in Security with Tony Anscombe: The February 2025 edition of this podcast discusses the trend of decreasing ransomware payments and other cyber security issues. Source: WeLiveSecurity
  3. Smashing Security Podcast: This podcast discusses the biggest heist in history and the issue of online abuse. It also includes an incident update involving an ETH Cold Wallet. Source: YouTube
  4. Health-e Law Podcast: In this episode, Jonathan Meyer, a partner at Sheppard Mullin, discusses the impact of the new Trump administration on health technology. Source: The National Law Review
  5. Work This Way: A Labor & Employment Law Podcast: This podcast discusses cybersecurity and privacy risks in healthcare. Source: JD Supra

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We've journeyed through the ever-evolving landscape of cybercrime, explored the increasing efficiency of cyberattacks, and delved into the world of vulnerabilities and patches. We've also tuned into some insightful cybersecurity podcasts and kept you updated on the latest news. Remember, the world of cybersecurity is a shared responsibility. So, don't keep this valuable information to yourself. Share this newsletter with your friends, colleagues, and anyone else who could benefit from a daily dose of cybersecurity knowledge. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.
