Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and patches. We start with Veeam's critical update patching a backup software vulnerability, a move that has sent ripples across the information security sector. But it's not just Veeam on the frontline; Google Chrome users are also urged to act now following a critical security warning. Meanwhile, insurers are being warned about the growing cyber exposure linked to 'token theft' vulnerability. Dell is also in the spotlight, warning customers about multiple vulnerabilities in its Secure Connect Gateway product. In other news, IBM is alerting users about AIX vulnerabilities that allow arbitrary command execution, and CISA has issued an urgent warning about a critical vulnerability in Edimax IP Camera OS. We also delve into the world of cybercrime, with a look at the Chinese "Salt Typhoon" hackers exploiting Exchange vulnerabilities, and the multi-function Betruger backdoor leveraged by RansomHub affiliates. Finally, we wrap up with some podcast recommendations, including an episode on why manufacturing lags in protecting against cyberattacks, and a discussion on how AI is challenging IT. Stay tuned for more details on these stories and more. Stay safe and informed with ONSEC Cyber Daily!

Exploits Alert

1. Veeam Update Patches Critical Backup Software Vulnerability: Veeam has issued an update to patch a critical vulnerability in its Backup & Replication Software. The vulnerability could have potentially allowed cybercriminals to compromise the software. Source: GovInfoSecurity
2. Insurers' Cyber Exposure Grows with 'Token Theft' Vulnerability: Cybersecurity and insurance experts are warning insurers about an increasing vulnerability to token theft. This vulnerability allows attackers to bypass security measures and gain unauthorized access. Source: Business Insurance
3. Multiple Dell Secure Connect Gateway Flaws Allows System Compromise: Dell has issued a warning about multiple vulnerabilities in its Secure Connect Gateway (SCG) product. These vulnerabilities could potentially allow a system compromise. Source: Cybersecurity News
4. New Critical Security Warning For All Google Chrome 134 Users: Google has issued a critical security warning for all users of Google Chrome 134. The company has identified several vulnerabilities that could potentially be exploited by cybercriminals. Source: Forbes
5. CISA Warns of Edimax IP Camera OS Command Injection Vulnerability Exploited in Attacks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability in Edimax IP Camera OS. The vulnerability, which allows for command injection, has been exploited in attacks. Source: Cybersecurity News

Vulnerabilities & Patches

1. Critical Cisco Smart Licensing Utility flaws now exploited in attacks: Cisco has patched a significant security flaw (CVE-2024-20439) that was previously undocumented. This flaw was exploited in attacks and could potentially compromise user credentials. Source: Bleeping Computer.
2. Veeam RCE bug lets domain users hack backup servers: Veeam has addressed a critical remote code execution vulnerability (CVE-2025-23120) in its Backup & Replication software. This vulnerability could allow domain users to hack backup servers. Source: Bleeping Computer.
3. RansomHub affiliate leverages multi-function Betruger backdoor: The RansomHub affiliate has been spotted exploiting CVE-2022-24521 for privilege escalation and CVE-2023-27532. These vulnerabilities are associated with the multi-function Betruger backdoor. Source: Help Net Security.
4. SAP NetWeaver Directory Traversal Vulnerability Exploited in Attacks: A vulnerability (CVE-2017-12637) affecting SAP NetWeaver Application Server Java versions 7.5 has been exploited in attacks. Unfortunately, patches for this vulnerability are currently unavailable. Source: Cybersecurity News.
5. Windows File Explorer Spoofing Vulnerability Uncovered: A vulnerability in Windows File Explorer (CVE-2025-24071) may be exploited in the wild following the public release of the PoC exploit. Users are urged to patch immediately. Source: GridinSoft.

Podcasts

1. Podcast: Why Manufacturing Lags in Protecting Against Cyberattacks: This episode features Rob Larsen, a security adviser to Silverfort, discussing the reasons behind the lag in cybersecurity efforts by manufacturers. The podcast provides valuable insights into the unique challenges faced by the manufacturing sector. Source: SupplyChainBrain.
2. CyberWire Daily Podcast Ep 2269: This episode of the CyberWire Daily podcast discusses the persistent issue of Remote Code Execution (RCE) flaws. It provides an in-depth analysis of the current cybersecurity landscape and the threats it poses. Source: CyberWire.
3. Shadows Within Shadows: How AI is Challenging IT: This podcast episode delves into the concept of shadow AI and its implications for enterprise security. It provides key takeaways from the discussion and offers a fresh perspective on AI's role in IT security. Source: Security Boulevard.
4. Hey Vendors, What Problem Is Your Product Solving?: This episode from the CISO Series podcast poses a critical question to vendors about the real-world problems their products are designed to solve. It features a 15-minute discussion with two security leaders, providing a concise yet informative listen. Source: CISO Series.

Final Words

As we wrap up today's edition of 'ONSEC Cyber Daily', we hope you found the information valuable in keeping your digital world secure. From the critical Veeam update patching backup software vulnerabilities to the alert on increasing cyber exposure due to token theft, it's clear that the cyber landscape is ever-evolving. Remember, staying informed is the first line of defense against cyber threats. So, don't keep this knowledge to yourself. Share 'ONSEC Cyber Daily' with your friends and colleagues to help them stay one step ahead of cybercriminals. And if you're a fan of podcasts, don't miss out on the latest episodes from CyberWire and CISO Series, where you can gain more insights into the world of cybersecurity. Stay safe, stay informed, and see you in the next edition of 'ONSEC Cyber Daily'.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)