Cyber Daily 3/14: Win32 Bug Exploited for Two Years, Aptori's AI Reduces Risk, Security Cameras Hijacked into Botnet, CISA Warns of Juniper and Medusa Threats


Welcome to the ONSEC Cyber Daily for March 14th. Today, we're diving into a whirlwind of cyber threats and vulnerabilities that have been making headlines. We start with a two-year-old Win32 bug that malicious actors have been exploiting, despite its recent fix. This high-severity zero-day vulnerability in the Win32 kernel subsystem has been a cause for concern, but the AI-driven platform by Aptori is stepping up to reduce risk and ensure compliance.

In other news, a top security camera maker is under fire as their devices are being hijacked into a botnet. This comes as a result of cybercriminals abusing a command injection vulnerability in an old IP camera. Meanwhile, CISA has issued warnings about a newly discovered vulnerability in Juniper Junos OS and the impact of Medusa Ransomware on critical infrastructure. Zoom isn't safe either, with multiple vulnerabilities exposing sensitive data. Mozilla and GitLab have also issued urgent updates to prevent add-on failures and attacker logins respectively. Apple isn't far behind, urging iPhone and iPad users to update their devices immediately to patch a critical WebKit vulnerability.

In the world of patches, Apache NiFi, Cisco, and Microsoft have all released critical patches for various vulnerabilities. However, the warning for Windows users is clear: update your PC now before hackers strike.

Finally, we'll touch on some insightful cybersecurity podcasts. From discussing the myth of talent shortage in the cybersecurity field to the expanding world of state-sponsored cyber warfare, these episodes are a must-listen for anyone interested in the field. Stay tuned for more updates and remember, stay safe in the cyber world.

Exploits Alert

  1. Attacks With Newly Addressed Win32 Bug Ongoing For Two Years: A high-severity Win32 kernel subsystem zero-day vulnerability was exploited by malicious actors for two years before being recently fixed. Source: MSSP Alert
  2. Security Camera Maker's Devices Hijacked into Botnet: Cybercriminals are exploiting a command injection vulnerability in an old IP camera to build a botnet, according to security researchers. Source: MSN
  3. Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild: CISA has issued a warning about a newly discovered vulnerability in Juniper Junos OS that is being exploited. Source: Cybersecurity News
  4. Medusa Ransomware Impacting Critical Infrastructure: The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a warning about the Medusa ransomware impacting critical infrastructure. Source: Infosecurity Magazine
  5. Multiple Zoom Client Vulnerabilities Expose Sensitive Data: The latest vulnerabilities in Zoom highlight the fragility of widely adopted communication platforms in the face of sophisticated cyberattacks. Source: Cyber Security News

Vulnerabilities & Patches

  1. Apple's Critical WebKit Vulnerability (CVE-2025-24201): Apple has urged users to update their devices immediately to patch a critical WebKit vulnerability that could allow hackers to exploit the device. The flaw was found in WebKit, the browser engine powering Safari. Source: Live India, Mathrubhumi English.
  2. Fortinet Vulnerabilities (CVE-2025-24472): A new LockBit-linked ransomware group is targeting Fortinet vulnerabilities. CVE-2025-24472 is addressed by the same patch that resolves CVE-2024-24472. The Mora_001 attack chain deploys SuperBlack ransomware for double extortion. Source: SC Media.
  3. Cisco's IOS XR Vulnerabilities (CVE-2025-20209): Cisco has patched high-severity bugs in the Internet Key Exchange version 2 (IKEv2) function and in the handling of specific packets. Source: SecurityWeek.
  4. VMware ESXi Vulnerabilities (CVE-2025-22224): VMware users are urged to update their ESXi products immediately due to critical vulnerabilities. At least one of these, CVE-2025-22224, has been exploited in real-world attacks. Source: Kaspersky official blog.
  5. GitLab's Critical Authentication & RCE Flaws (CVE-2025-27407): GitLab has addressed a critical vulnerability in the Ruby graphql library that could allow remote code execution. Immediate action is recommended. Source: SOCRadar.

Podcasts

  1. Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 226: This episode features Thibaut van Marke and Amy Allen from Orlando Health, a network of community and specialty hospitals. They discuss the importance of health care and life sciences in today's world. Source: JD Supra.
  2. Prioritizing Your Security Gaps with Pentera - CISO Series: In this episode, Jay Mar-Tang, a field CISO, discusses the importance of prioritizing security gaps in the cyber world. The episode also highlights the need for a pipeline of cyber talent. Source: CISO Series.
  3. We've Been Fooled. There Is No Talent Shortage. - CISO Series: This episode challenges the common notion of a talent shortage in the cyber world. Rachel Bicknell leads the discussion, arguing that the perceived shortage is a misconception. Source: CISO Series.
  4. PODCAST: Tariffs, peace (maybe) in Ukraine and a shifting global power struggle: Episode 6 discusses the expanding world of state-sponsored cyber warfare. It also touches on the importance of training in National Defence. Source: Defence Connect.

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the ongoing attacks exploiting the Win32 bug to the latest AI-driven platform from Aptori aimed at reducing risk and ensuring compliance. We've also delved into the world of botnets, ransomware, and the myriad of vulnerabilities that continue to challenge our cybersecurity landscape. Remember, knowledge is power. The more we know, the better we can protect ourselves and our organizations from cyber threats. So, don't keep this valuable information to yourself. Share ONSEC Cyber Daily with your friends, colleagues, and anyone else who could benefit from staying informed about the latest in cybersecurity. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.
