Cyber Daily 3/18: Samsung's 7-Day Update Deadline, TP-Link and GitHub Vulnerabilities, Remote Hacks on Commercial Vehicles, Microsoft and Adobe Patching Critical Flaws

Welcome to the ONSEC Cyber Daily for March 18, 2025. Today, we're diving into a sea of vulnerabilities and patches. Samsung is facing an impossible deadline, urging users to update their phones within 7 days to avoid potential disasters. Meanwhile, the job market is buzzing with opportunities for cybersecurity professionals ready to tackle these vulnerabilities head-on. In other news, hackers are exploiting a TP-Link vulnerability to gain root access, and malicious code has hit over 23,000 GitHub repos. Commercial trucks and buses are also under threat, with researchers warning of their vulnerability to cyberattacks. On the software front, a critical Windows security vulnerability has been discovered, and Microsoft has patched 56 vulnerabilities, including 7 zero days. Adobe Acrobat vulnerabilities have also been highlighted, emphasizing the importance of patch management. In the podcast world, we have a range of episodes discussing everything from leadership lessons from cyber crises to the necessity of maintaining U.S. cyber operations against Russia. Bestselling author Nicole Perlroth has also launched a new cybersecurity podcast series. Stay tuned for more updates and remember, staying informed is the first step towards cybersecurity.
Exploits Alert
- Samsung's Impossible Deadline—You Have 7 Days To Update Your Phone: Samsung is facing a significant challenge due to its lack of control over its hardware and software, unlike its competitors Google and Apple. This can lead to potential disaster scenarios when it comes to security updates. Source: Forbes
- Hackers Exploiting TP-Link Vulnerability to Gain Root Access: The FBI has issued an urgent warning about the increasing threat of malicious file conversion tools being used by hackers to spread malware. The TP-Link vulnerability is being exploited to gain root access. Source: Cyber Security News
- Malicious Code Hits 'tj-actions/changed-files' in 23,000 GitHub Repos: Malicious code has been found in 'tj-actions/changed-files' in 23,000 GitHub repositories. This highlights the importance of AI-driven cybersecurity training to counter emerging threats. Source: Hackread
- Researchers Remotely Hack Commercial Trucks & Buses to Unlock Them: Security researchers have issued an urgent warning about the vulnerability of commercial trucks and buses to cybersecurity attacks. The vehicles can be remotely hacked and unlocked, posing a significant threat. Source: GBHackers
- CERT-In Issued Warning for Rising Technosoft Vulnerabilities: CERT-In has issued a warning about vulnerabilities in Rising Technosoft, affecting all versions prior to 2.0.4. These vulnerabilities pose a cybersecurity risk to end users and could potentially enable attackers. Source: The Cyber Express
Vulnerabilities & Patches
- Critical Windows Security Vulnerability (CVE-2025-24983): ESET researchers have discovered a significant security flaw in older Windows versions. Users are advised to update their systems to the latest versions to avoid potential security threats. Source: IT-daily.net
- Microsoft Patches 56 Vulnerabilities, Including 7 Zero Days (CVE-2024-43572): Microsoft has released an update patching 56 vulnerabilities, including seven zero days. This is the second zero day in MMC to be exploited in the wild. Users are urged to install the update promptly. Source: SecurityBrief UK
- 'Mora_001' Ransomware Exploiting Fortinet Bug (CVE-2024-55591): The 'Mora_001' ransomware gang is exploiting a Fortinet bug that CISA spotlighted in January. Federal civilian agencies were given one week to patch the vulnerability. Source: The Record
- Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution (CVE-2025-24016): A vulnerability in Wazuh SIEM could allow remote malicious code execution. The flaw has been patched in Wazuh version 4.9. Users are advised to update to the latest version. Source: GBHackers
- Tomcat Vulnerability Exploited to Take Over Apache Tomcat Servers (CVE-2025-24813): A vulnerability in Tomcat is being exploited in the wild to take over Apache Tomcat servers. Organizations are advised to prioritize this patch due to the severity of the vulnerability. Source: Cybersecurity News
Podcasts
- From Log4J to MOVEit: What Cyber Crises Teach Us About Leadership: This episode features a conversation with Dan Potter, Senior Director of Operational, discussing the lessons learned from recent cyber crises and their implications on leadership. Source: iHeart
- A reel disaster for GitHub - CyberWire Daily: Episode 2266 of the CyberWire Daily podcast discusses the recent cyber incident at GitHub, providing insights and analysis. Source: CyberWire
- #ExploreSkoda: Smart Cars, Smart Protection: How We Secure Your Vehicles: In this episode, Michaela Kamarašová explains how Škoda safeguards its vehicles from cyber threats, providing an insight into the intersection of automotive technology and cybersecurity. Source: Škoda Storyboard
- ESG Essentials: What You Need To Know Now - Episode 18 - The Reshaping of ESG & DEI: This podcast episode discusses the transformation of ESG elements due to executive orders and state laws. Hosts David Colvin and Karen Davis provide insights. Source: JDSupra
- Cybersecurity experts say it's necessary to maintain U.S. cyberoperations against Russia: This episode discusses the necessity of maintaining U.S. cyberoperations against Russia, providing expert opinions and analysis. Source: WBUR
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found these updates valuable in keeping your digital world secure. Remember, cybersecurity is a shared responsibility. So, don't keep this information to yourself. Share this newsletter with your friends, colleagues, and network to help them stay informed and safe. In the ever-evolving landscape of cyber threats, staying updated is not just an option, but a necessity. So, let's continue to learn, share, and secure. See you in the next edition of 'ONSEC Cyber Daily'. Until then, stay safe and secure!