Cyber Daily 3/5: Arizona Election Threats, Cisco Firewall Patches, Iran-Linked Cyber Risks, Qualcomm Exploits, OpenEMR Healthcare Vulnerabilities
Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is fraught with vulnerabilities and urgent alerts. As Arizona's election security faces scrutiny amidst global tensions, the potential for cyber threats looms large. Meanwhile, Cisco races against time, issuing emergency patches to shield critical firewall systems from exploitation. The specter of Iran-linked hackers casts a shadow over banks and infrastructure, while healthcare systems grapple with OpenEMR vulnerabilities. Dormant malware lurks in Ivanti devices, and over 1200 IceWarp servers remain exposed to unauthorized access. Qualcomm's chipset flaws demand immediate attention, as Google and CISA confirm active exploitation. In this interconnected web of threats, the urgency to patch and protect has never been more critical. Stay informed, stay secure.
Exploits Alert
- Could Arizona elections be vulnerable to cyber attacks?: Arizona Secretary of State Adrian Fontes discusses the potential threats to election security, highlighting concerns amid ongoing geopolitical tensions. The conversation underscores the importance of safeguarding electoral processes against cyber threats. Source.
- Cisco Issues Emergency Patches for Critical Firewall Management Vulnerabilities: Cisco has released emergency patches to address critical vulnerabilities in its firewall management systems. These vulnerabilities could potentially allow unauthorized access and control over network security devices, emphasizing the need for immediate updates. Source.
- CRITICAL ALERT: Critical Vulnerabilities in OpenEMR Expose Healthcare Systems: OpenEMR, a widely used electronic medical records system, has been found to have critical vulnerabilities that could expose healthcare systems to cyber threats. This alert calls for urgent action to protect sensitive patient data from potential breaches. Source.
- Ivanti Connect Secure devices may carry dormant RESURGE malware: Ivanti Connect Secure devices are reportedly harboring dormant RESURGE malware, posing a significant risk to network security. Organizations using these devices are urged to conduct thorough security assessments to mitigate potential threats. Source.
- Over 1200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500): A critical remote code execution flaw in IceWarp servers remains unpatched on over 1200 systems, leaving them vulnerable to exploitation. This highlights the urgency for administrators to apply security updates to prevent unauthorized access. Source.
Vulnerabilities & Patches
- Google Uncovers Coruna iOS Exploit Kit Targeting iOS 13–17.2.1: Google has identified the Coruna iOS Exploit Kit, which targets iOS versions 13 through 17.2.1. The flaw it exploits, tracked as CVE-2024-23222, has been patched in iOS 17.3. This discovery highlights the ongoing threats to iOS devices and underscores the importance of keeping systems updated. Source.
- Galaxy Watch 8 Receives February 2026 Security Update in March: Samsung's Galaxy Watch 8 has received a delayed security update originally scheduled for February 2026. This update includes 25 CVE items from Google and 12 SVE items from Samsung, addressing various vulnerabilities in the Wear OS operating system. Users are advised to apply the update promptly to enhance device security. Source.
- Google Releases Major Security Update for Android, Patches Over 100 Bugs: Google has rolled out a significant security update for Android, addressing more than 100 vulnerabilities. Among these is CVE-2026-21385, a flaw affecting Qualcomm chipsets. The update aims to bolster Android device security, and users are urged to install it as soon as possible. Source.
- Cisco Issues Emergency Patches for Critical Firewall Management Vulnerabilities: Cisco has released emergency patches to address critical vulnerabilities in its firewall management systems. The most severe, CVE-2026-20079, is an authentication bypass flaw that could allow attackers unauthorized access. Cisco advises immediate patching to protect systems from potential exploitation. Source.
- Xiaomi March 2026 Security Update Addresses 129 Critical Vulnerabilities: Xiaomi's latest security update for March 2026 tackles 129 critical vulnerabilities, including a privilege escalation flaw (CVE-2026-0047) in the Framework. This update is crucial for maintaining the security integrity of Xiaomi devices, and users should apply it without delay. Source.
Podcasts
- Is your robot vacuum safe? Here's why it matters: This episode from the Security Intelligence podcast by IBM delves into the security risks associated with smart home devices, specifically robot vacuums. It highlights potential vulnerabilities that could be exploited by cybercriminals to access personal data and offers insights on how to secure these devices effectively. Source: IBM Security Intelligence.
- How a cybersecurity boss framed his own employee: In episode 457 of the Smashing Security podcast, cybersecurity expert Graham Cluley discusses a shocking case where a cybersecurity manager framed an employee for a cybercrime. The episode explores the implications of such actions on workplace trust and cybersecurity practices. Source: YouTube - Smashing Security.
- Inside the FBI Podcast: Introducing Ahead of the Threat, Season Two: The FBI's Cyber Division podcast returns with its second season, focusing on emerging cyber threats and the agency's strategies to combat them. The first episode features insights from John Hultquist on the evolving landscape of cyber warfare. Source: YouTube - FBI Podcast.
- Cross Examining Cyber EP23: Cross Examining Professor Ciaran Martin – Part 2: This episode features Professor Ciaran Martin, a leading figure in cybersecurity, discussing the challenges and future directions of cyber policy and defense. The conversation provides valuable perspectives on international cyber threats and policy-making. Source: Mondaq.
- Influential Women Podcast Announces New Episode on Building High-Performing Teams: This episode explores strategies for creating supportive work environments that empower working mothers and enhance team performance. It emphasizes the importance of leadership in fostering inclusive and sustainable workplace cultures. Source: Press Connects.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. From potential vulnerabilities in Arizona's election systems to critical patches issued by tech giants like Cisco and Google, the need for vigilance in cybersecurity is paramount. The threats are real, whether they're targeting our democratic processes, critical infrastructure, or personal devices. As we navigate this complex cyber world, staying informed is our best defense. We hope you found today's insights valuable and urge you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively bolster our defenses and ensure a safer digital future for everyone. Until tomorrow, stay secure and stay informed!