Good morning, ONSEC Cyber Daily readers! Today's issue is packed with crucial updates from the cybersecurity world. The CISA has issued an alert on the active exploitation of a Microsoft Windows MMC vulnerability, reminding us of the constant battle against cyber threats. Meanwhile, the cybersecurity sector is grappling with burnout, affecting team performance and retention. In the market update, ArmorCode has launched a new partner program, while Google Chrome users are urged to update their browsers due to multiple critical vulnerabilities. The Coalition's Cyber Threat Index 2025 reveals that most ransomware incidents start with compromised VPN devices. Apple and Microsoft have released patches to address security flaws, with Microsoft's March 2025 Patch Tuesday addressing 56 CVEs. In other news, the Blind Eagle Hackers are leveraging Google Drive, Dropbox, and GitHub to bypass security defenses. Finally, don't miss out on the latest episodes from your favorite cybersecurity podcasts, including the CyberWire Daily and the CISO Series. Stay vigilant, stay updated, and let's dive into today's cybersecurity news!

Exploits Alert

1. CISA Alerts on Active Exploitation of Microsoft Windows MMC Vulnerability: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about active exploitation of a vulnerability in Microsoft Windows MMC. This serves as a reminder of the ongoing battle against cyber threats and the necessity for continuous vigilance. Source: GBHackers
2. Burnout in cybersecurity: How CISOs can protect their teams (and themselves): Cybersecurity burnout is a growing crisis, impacting team performance and retention. CISOs are advised to adopt a risk-based approach, not treating every vulnerability or alert with the same level of urgency. Source: HelpNetSecurity
3. MSSP Market Update: ArmorCode Launches Partner Program: ArmorCode has launched a new partner program, in response to the discovery of five high-severity flaws that leave systems vulnerable to attacks. Source: MSSP Alert
4. Update your browser! Critical vulnerabilities found in Google Chrome: Multiple critical vulnerabilities have been found in Google Chrome, potentially enabling cyber attackers to steal information and run malicious software. Users are urged to update their browsers immediately. Source: NewsBytes
5. Coalition's Cyber Threat Index 2025 Finds Most Ransomware Incidents Start with Compromised VPN Devices: Coalition's Cyber Threat Index 2025 reveals that most ransomware incidents start with compromised VPN devices. The report emphasizes the need for robust cybersecurity tools to manage and mitigate potential cyber attacks. Source: Business Wire

Vulnerabilities & Patches

1. Apple releases iOS 18.3.2 update to patch exploited iPhone security flaw: Apple has released a crucial update, iOS 18.3.2, to address the CVE-2025-24201 vulnerability. This software flaw could allow malicious web content to exploit the device. Users are urged to install the update immediately. Source: PhoneArena
2. Microsoft's Patch Tuesday reports 6 flaws already under fire: Microsoft's Patch Tuesday has reported six vulnerabilities, including the CVE-2025-24985, a code execution bug in the Windows Fast FAT File System Driver. Users are advised to apply the patches as soon as possible to prevent exploitation. Source: The Register
3. Microsoft's March 2025 Patch Tuesday Addresses 56 CVEs: Microsoft's March 2025 Patch Tuesday has addressed 56 CVEs, including CVE-2025-26633, CVE-2025-24983, and CVE-2025-24993. Users are encouraged to apply the patches immediately to ensure their systems are secure. Source: Security Boulevard
4. Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks: Apple has released a patch for the WebKit zero-day CVE-2025-24201, which has been exploited in sophisticated attacks. The update secures iOS, macOS, and Safari, and users are urged to install it immediately. Source: The Hacker News
5. Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities & 6 Actively Exploited Zero-Days: Microsoft's March 2025 Patch Tuesday has fixed 57 vulnerabilities, including six actively exploited zero-days. One of these is CVE-2025-24983, a Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. Users are advised to apply the patches immediately. Source: Cybersecurity News

Podcasts

1. The CyberWire Daily Podcast Ep 2262: The CyberWire Daily Podcast discusses the latest news and issues in cybersecurity. This episode provides an overview of the current cybersecurity landscape and the challenges it presents. Source: CyberWire
2. Quick Charge: Elon's Cybertruck Rebuild: This episode of Quick Charge discusses Elon Musk's plans to rebuild the Cybertruck that exploded outside the Trump hotel in Las Vegas. The podcast also covers other recent news in the electric vehicle industry. Source: Electrek
3. Next Generation Operating Models in Insurance - Episode 5: Deloitte's podcast episode explores the next generation operating models in the insurance industry, with a focus on cybersecurity. The episode discusses the importance of cyber defense and resilience in the evolving insurance landscape. Source: Deloitte
4. The CyberWire Daily Podcast Ep 2261: This episode of The CyberWire Daily Podcast discusses the recent global attack wave sparked by a PHP flaw. The podcast emphasizes the importance of timely software updates and patches to prevent such attacks. Source: CyberWire
5. The AI Fix #41: Can AIs be Psychopaths, and Why We Should be AI Optimists: This episode of The AI Fix discusses the potential for AI to exhibit psychopathic tendencies and the reasons for optimism about the future of AI. The podcast also covers the latest news and developments in AI and cybersecurity. Source: Graham Cluley

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. As we navigate the ever-evolving landscape of cybersecurity, it's crucial to stay informed and vigilant. From the active exploitation of Microsoft Windows MMC vulnerability to the growing concern of cybersecurity burnout, we're here to keep you updated on all things cyber. Remember, the world of cybersecurity is a shared responsibility. We encourage you to share this newsletter with your friends, colleagues, and anyone else who could benefit from this information. Let's work together to create a safer digital environment for all. Until next time, stay safe and secure.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)