Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights on the latest cybersecurity threats and vulnerabilities. We start with a deep dive into the CentreStack vulnerability and what it means for MSSPs and MSPs. As AI defenses evolve, so do AI cyberthreats, and we'll explore how these two forces are shaping the future of cybersecurity. Next, we'll discuss the Fortinet Zero-Day Bug and its potential for arbitrary code execution, followed by an urgent alert for Android users on older versions who are at high risk of data breaches. We'll also touch on the recent WhatsApp security flaws and the rise of cybercriminals targeting students and parents through fake scholarship schemes. We'll then shift our focus to the latest vulnerabilities detected in Google Chrome and Samsung's Galaxy S24, and how these are being addressed. We'll also look at the mysterious folder that appeared after the Windows 11 update and why Microsoft is warning users not to delete it. Finally, we'll round up with a recap of the latest CVEs, patches, and exploits, including those affecting NVIDIA and Docker users, Ivanti VPN, and IBM Aspera Faspex. As always, we'll also bring you the latest episodes from your favorite cybersecurity podcasts, covering topics from MSSPs and CVE drama to detection engineering and cybercrime. Stay safe and informed with ONSEC Cyber Daily!

Exploits Alert

1. CentreStack Vulnerability Impact on MSSPs and MSPs: The CentreStack vulnerability highlights the need for AI defenses to evolve in response to AI cyberthreats. The modular platform's emergence is a significant concern for Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs). Source: MSSP Alert
2. Fortinet Zero-Day Bug: A zero-day bug in Fortinet may lead to arbitrary code execution, posing a significant cybersecurity threat. Users are advised to keep up with the latest cybersecurity threats and newly discovered vulnerabilities. Source: Dark Reading
3. Android Vulnerability Alert: Android users on older versions are at high risk of data breaches. If these vulnerabilities are not patched, cybercriminals could take full control of Android devices, leading to significant data loss. Source: Good Returns
4. WhatsApp Security Flaws: The government has flagged security flaws in WhatsApp, stating that hackers can launch attacks through these vulnerabilities. Cybercriminals are now targeting students and parents through fake scholarship schemes. Source: MSN
5. Google Chrome Browser Vulnerability: A new security vulnerability has been detected in the Google Chrome browser. CERT-In warns of a Chrome bug that allows code execution, and Google has released a fix and rewarded the researcher who discovered it. Source: Deccan Herald

Vulnerabilities & Patches

1. Galaxy S24 Vulnerability Poses Risk of Unauthorized File Access: The CVE-2024-49421 vulnerability in Samsung's Galaxy S24 could allow unauthorized file access. Samsung has quickly rolled out a patch to mitigate the risks. Source: GBHackers
2. Mysterious Folder Appears After Windows 11 Update: Microsoft warns users not to delete a new folder created after a recent Windows 11 update. The folder is part of a security patch addressing the CVE-2025-21204 vulnerability. Source: Trak.in
3. Incomplete Patch Leaves NVIDIA and Docker Users at Risk: An incomplete patch for CVE-2024 leaves NVIDIA and Docker systems vulnerable to potential container escape attacks. Users are advised to apply the complete patch as soon as possible. Source: Hackread
4. Vite Vulnerability Exposes Sensitive Files: CVE-2025-32395 vulnerability in Vite Tool allows for arbitrary file read. The vulnerability has been fixed and users are advised to update their systems immediately. Source: Gridinsoft
5. RCE Exploit Uncovered in Ivanti VPN After Silent Patch Oversight: Researchers at Rapid7 have uncovered a remote code execution exploit in Ivanti VPN, CVE-2025-22457, which had been silently patched without proper disclosure. Source: ChannelE2E

Podcasts

1. The Rise of MSSPs, CVE Drama, Detection Engineering How-To & Doggie Survival Skills – ESW #402: This episode of Enterprise Security Weekly discusses the increasing role of Managed Security Service Providers (MSSPs), the drama surrounding Common Vulnerabilities and Exposures (CVE), and tips for detection engineering. Source: scworld.com
2. Scam Files: AFP trains PH officials to fight cybercrime: This podcast episode highlights the efforts of the Australian Federal Police in training Philippine officials to combat cybercrime, emphasizing the importance of Multifactor Authentication. Source: sbs.com.au
3. Are Australian businesses prepared for cyber attacks? | talkBIG podcast: This episode of talkBIG features a discussion on the preparedness of Australian businesses against cyber attacks, with insights from the National Head of Cyber Security at RSM Australia. Source: rsm.global
4. Responding To Data Breaches: Brent Arnold Shares Insights On Code And Country Podcast: This episode explores the behind-the-scenes actions during a cyber crisis, from early detection to post-breach litigation, with insights from Brent Arnold. Source: mondaq.com
5. AI ambitions clash with cyber caution - CyberWire: This episode of CyberWire discusses the tension between the ambitious goals of Artificial Intelligence and the need for cyber caution, particularly in the context of supply chain security. Source: thecyberwire.com

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered a lot of ground, from the CentreStack vulnerability affecting MSSPs and MSPs, to the Fortinet Zero-Day Bug, and the high-risk data breach for Android users on older versions. We've also touched on the latest cyber threats, vulnerabilities, and patches. Remember, the world of cybersecurity is ever-evolving. Staying informed is your first line of defense. So, don't keep this valuable information to yourself. Share 'ONSEC Cyber Daily' with your friends and colleagues to help them stay one step ahead of the cyber threats. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)