Cyber Daily 2/5: CISA's Silent SolarWinds Alert, Bahamas Energy Grid Threat, Russia Exploits Microsoft, Shadow DNS Malware Unveiled

Welcome to today's edition of ONSEC Cyber Daily, where the silent whispers of vulnerabilities echo louder than ever. In a world where cyber threats lurk in the shadows, CISA has quietly updated its Known Exploited Vulnerabilities catalog, yet no alarms were raised. As ransomware groups exploit these silent gaps, the Bahamas energy grid stands on high alert, acknowledging the digital age's inherent vulnerabilities. Meanwhile, a fresh SolarWinds flaw emerges, exploited even before CISA's warning could resonate. From Ivanti's zero-day siege to the rapid weaponization of Microsoft Office vulnerabilities by Russian hackers, today's cyber landscape is a battlefield of unseen threats. Stay vigilant, as the digital realm's silence can be deafening.

Exploits Alert

  1. CISA Silently Updates Vulnerabilities Exploited by Ransomware Groups: The Cybersecurity and Infrastructure Security Agency (CISA) has quietly updated its list of vulnerabilities exploited by ransomware groups without any formal alert or announcement. This move highlights the ongoing threat landscape and the need for organizations to stay vigilant against potential cyberattacks. Source: The Cyber Express.
  2. Cyber Threat Alert for Bahamas Energy Grid: The Bahamas energy grid faces increased vulnerability to cyber threats due to digitization and smart grid technologies. The alert emphasizes the importance of a concrete response to safeguard critical infrastructure from potential cyberattacks. Source: The Tribune.
  3. Fresh SolarWinds Vulnerability Exploited in Attacks: A newly discovered vulnerability in SolarWinds, which was patched last week, is being actively exploited in cyberattacks. The U.S. cybersecurity agency CISA has issued warnings, urging organizations to apply patches promptly to mitigate risks. Source: SecurityWeek.
  4. Shadow DNS Malware Exploits Router Vulnerabilities: A new malware strain, Shadow DNS, is exploiting router vulnerabilities to intercept internet communications. Detection relies on identifying anomalies such as EDNS0 blocks, underscoring the need for vigilance in network security. Source: Cyberpress.
  5. Alert! CISA Warns of 4 Exploited Vulnerabilities: CISA has added a critical-severity SolarWinds Web Help Desk vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, alongside other significant flaws. This alert serves as a reminder for organizations to prioritize patch management and security updates. Source: Cyber Daily.

Vulnerabilities & Patches

  1. Critical SolarWinds Web Help Desk Vulnerability Exploited in Active Attacks: A high-severity deserialization flaw in SolarWinds Web Help Desk, tracked as CVE-2025-40551, is under active exploitation. This vulnerability allows remote code execution, posing significant risks to organizations that have not yet applied the available patch. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, urging immediate action. Source: The Register.
  2. Critical n8n Flaws Disclosed Along with Public Exploits: The n8n automation tool has been found to contain critical vulnerabilities, including CVE-2025-68613, which have been publicly disclosed along with exploits. These flaws allow attackers to execute arbitrary code, emphasizing the need for users to apply the latest patches released on December 20. Security experts warn of potential widespread exploitation if left unaddressed. Source: Bleeping Computer.
  3. Ivanti's Enterprise Mobility Manager Under Siege by Zero-Day Vulnerabilities: Ivanti's Endpoint Manager Mobile (EPMM) software is facing a critical security crisis due to zero-day vulnerabilities being actively exploited. These vulnerabilities allow attackers to gain unauthorized access and control over enterprise mobile devices, prompting urgent patching efforts by security teams. The situation highlights the importance of timely updates to protect sensitive data. Source: WebProNews.
  4. Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover: A critical vulnerability in ASUSTOR NAS devices, identified as CVE-2026-24936, allows attackers to take complete control of affected devices. With a CVSS score of 9.5, this flaw poses a severe threat to data integrity and security. ASUSTOR has released a patch for the ADM 5.x series, and users are strongly advised to update immediately. Source: GBHackers.
  5. Chrome Flaws Enable Arbitrary Code Execution and System Crashes: Recent vulnerabilities in Google Chrome, including CVE-2026-1861, allow attackers to execute arbitrary code and cause system crashes. Google has released patches to address these issues, and users are encouraged to update their browsers to mitigate potential exploitation risks. The ongoing use of fuzzing and sanitization tools by Chrome developers underscores the importance of proactive security measures. Source: GBHackers.

Podcasts

  1. Ransomware Damage To Cost The World $74B In 2026 - Cybercrime Magazine: This podcast explores the staggering financial impact of ransomware, projecting a global cost of $74 billion by 2026. Featuring insights from victims, law enforcement, vendors, and cybersecurity experts, it provides a comprehensive view of the ransomware landscape and its implications for businesses worldwide.
  2. What Cybersecurity Pros Need to Know About OpenClaw and Moltbook | Security Intelligence: Dive into the latest cybersecurity threats with this episode, which focuses on the emerging dangers posed by OpenClaw and Moltbook. Experts Dave McGinnis and Seth provide valuable insights into how these threats operate and what cybersecurity professionals can do to protect their organizations.
  3. How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA: This episode of Cyber Sessions, hosted by Joan, features Erin Whitmore, a former CIA operative, discussing the transformative role of intelligence and AI in modern cyber defense. The conversation delves into how these technologies are reshaping strategies and enhancing security measures.
  4. Privacy Podcast Episode Four: The Blur Between Privacy And Security - United States - Mondaq: Explore the intricate relationship between privacy and security in this episode, which examines how regulators, cyber insurers, and global privacy laws are evolving. The discussion highlights the importance of justifying data collection purposes and minimizing unnecessary data retention.
  5. Beyond the Breach: Rethinking Cyber Resilience in the Age of AI - Silicon UK: This podcast episode challenges traditional notions of cyber resilience, emphasizing the need for innovative approaches in the age of AI. It explores how organizations can adapt to new threats and leverage AI to bolster their cybersecurity strategies.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is ever-evolving, with new vulnerabilities and threats emerging at every turn. The silent updates from CISA on vulnerabilities exploited by ransomware groups remind us of the importance of staying vigilant and informed. Whether it's the critical flaws in SolarWinds, Ivanti, or the ongoing cyber threats to infrastructure like the Bahamas energy grid, our collective awareness and proactive measures are our best defense. We hope you found today's insights valuable and urge you to share this newsletter with friends and colleagues. By spreading the word, we can build a stronger, more informed community ready to tackle the cyber challenges of tomorrow. Stay safe, stay secure, and see you in the next issue!
