Welcome to today's edition of ONSEC Cyber Daily, where we unravel the tangled web of cybersecurity threats and solutions. In the spotlight today, we delve into the recent Chrome vulnerability that allowed extensions to hijack Google's Gemini panel, raising concerns about potential spying activities despite recent patches. As the Middle East conflict intensifies, the UK's National Cyber Security Centre warns of a cyber spillover risk, with Iran-linked hackers potentially targeting UK organizations. Meanwhile, Microsoft and Google are racing to patch high-risk vulnerabilities, including a Qualcomm zero-day flaw actively exploited in Android devices. Stay informed and secure as we navigate these complex cyber landscapes together.

Exploits Alert

1. Check if your Chrome is up to date: Google's Gemini might still be spying on you: A recently patched vulnerability in Chrome allowed extensions to hijack the new Gemini panel, potentially compromising user privacy by accessing the camera and microphone. Users are advised to update their browsers to ensure protection against this exploit. The vulnerability highlights the importance of keeping software up to date to prevent unauthorized access. Source: Cybernews
2. .NCSC warns of cyber spillover risk amid Middle East conflict: The UK's National Cyber Security Centre (NCSC) has issued a warning about potential cyber spillover risks due to the ongoing Middle East conflict. Nation-state-aligned threat actors may exploit the situation to launch cyberattacks, targeting critical infrastructure to advance their geopolitical interests. Organizations are urged to bolster their cybersecurity measures to mitigate these risks. Source:Industrial Cyber
3. Iran-linked hackers could target UK organisations, NCSC warns: The NCSC has alerted UK organizations about an increased threat of cyberattacks from Iran-linked hackers amid escalating geopolitical tensions. These threat actors may target various sectors to disrupt operations and gather intelligence. Organizations are advised to enhance their cybersecurity posture to defend against potential attacks. Source: Computing UK

Vulnerabilities & Patches

1. Microsoft's February Security Update of High-Risk Vulnerability Notice for Multiple Products: Microsoft's February security update addresses several high-risk vulnerabilities, including six that are actively exploited in the wild. One notable vulnerability is the Windows Shell Security Feature Bypass (CVE-2026-21510), which poses significant risks if left unpatched. Organizations are urged to apply these updates promptly to mitigate potential threats. Source: Security Boulevard.
2. CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog: The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical VMware Aria Operations command injection flaw (CVE-2026-22719) to its Known Exploited Vulnerabilities catalog. This vulnerability is actively exploited, and patches have been released by Broadcom to address the issue. Organizations using VMware products should prioritize applying these patches to prevent potential exploitation. Source: The Hacker News.
3. Critical HPE AutoPass Vulnerability Allows Remote Authentication Bypass: A critical vulnerability in HPE AutoPass (CVE-2026-23600) allows remote attackers to bypass authentication mechanisms. HPE has released patches to address this issue, and organizations are advised to scan for anomalous traffic post-patch to ensure security. Reducing exposure to this vulnerability is crucial to maintaining system integrity. Source: Cyber Press.
4. Qualcomm Zero-Day Exploited in Targeted Android Attacks: A zero-day vulnerability in Qualcomm's graphics component (CVE-2026-21385) has been exploited in targeted attacks on Android devices. Google has released patches to address this high-severity buffer over-read flaw, which affects over 200 Qualcomm chipsets. Users are encouraged to update their devices to protect against potential exploitation. Source: Dark Reading.
5. Severe XSS Vulnerability in Angular i18n Enables Malicious Script Injection: A severe cross-site scripting (XSS) vulnerability in Angular's i18n component (CVE-2026-27970) allows attackers to inject malicious scripts. Patches are available in Angular versions 19.2.19, 20.3.17, 21.1.6, and 21.2.0. Developers using Angular are advised to update to these versions to safeguard their applications from potential attacks. Source: Cyber Press.

Podcasts

1. Big Fat Positive Podcast Celebrates 400 Episodes: This podcast marks a significant milestone, celebrating its 400th episode with a focus on the community that has supported it throughout its journey. The show continues to resonate with listeners by sharing relatable parenting stories and experiences. Source.
2. Our Security Team's Love Language is Buying New Tools - CISO Series: This podcast delves into the evolving landscape of cybersecurity, highlighting the importance of investing in new tools to enhance security measures. Hosted by David Spark, it provides insights into how security teams can effectively manage threats. Source.
3. Cybersecurity News: Chrome Quantum-Safe Certificates, Gemini Live Vulnerability, UK Warns of Iranian Cyberattacks: This podcast episode covers the latest in cybersecurity news, including advancements in quantum-safe certificates and emerging vulnerabilities. It also discusses geopolitical cyber threats, emphasizing the need for vigilance. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, remember that staying informed is your first line of defense in the ever-evolving world of cybersecurity. Whether it's ensuring your Chrome browser is up to date to fend off vulnerabilities like the Gemini Live panel bug or staying vigilant against potential cyber spillovers from global conflicts, knowledge is power. Our digital landscape is fraught with challenges, from nation-state cyber threats to zero-day vulnerabilities. But together, we can navigate these turbulent waters. Share this newsletter with your friends and colleagues to help them stay secure and informed. Let's build a community that stands strong against cyber threats, one informed reader at a time. Until tomorrow, stay safe and cyber-aware!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn