Cyber Daily 4/25: Ivanti VPN Exploits Surge, AMI and Redis Patch Critical Flaws, NVIDIA and Microsoft Vulnerabilities Exposed, Podcasts Highlight Cybersecurity Trends

Welcome to your daily dose of cyber insights, ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and exploits, as we've seen a significant spike in the first few months of 2025. VulnCheck has spotted 159 actively exploited vulnerabilities and warns of an increase in exploits compared to 2024. We're also looking at the Ivanti Connect Secure 0-day, which has been exploited to deploy DslogdRAT and a web shell. Attackers have been targeting Ivanti VPN vulnerabilities from over 1000 unique IP addresses, highlighting the broad appeal of Ivanti systems for cybercriminals. In other news, vendors are slowly patching a critical flaw in AMI MegaRAC BMC firmware, and a new Redis DoS vulnerability has been discovered, with users urged to patch now. We'll also discuss the incomplete NVIDIA patch for CVE-2024-0132, which exposes AI infrastructure and data to critical risks, and touch on the recent Windows folder security risk, the GitLab security update for XSS, DoS and account takeover vulnerabilities, and the critical Commvault RCE vulnerability that has been fixed. Finally, we'll wrap up with some podcast episodes that delve into quantum computing's impact on payments and cybersecurity, training opportunities for security professionals, and the inaugural episode of Eye on Washington. Stay tuned for all this and more in today's ONSEC Cyber Daily.

Exploits Alert

  1. VulnCheck Reports 159 Actively Exploited Vulnerabilities in 2025: VulnCheck has identified 159 actively exploited vulnerabilities in the first few months of 2025. The report warns of an increase in exploits compared to 2024, with cybercrime, ransomware, and software defects being the main culprits. Source: CyberScoop.
  2. Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell: Security reporter Aman Mishra reports that hackers are exploiting a zero-day vulnerability in Ivanti Connect Secure to deploy DslogdRAT and a web shell. This highlights the ongoing threat of cybercrime, malware, and vulnerability exploitation. Source: GBHackers.
  3. Hackers Use 1000+ IP Addresses to Target Ivanti VPN Vulnerabilities: Cybercriminals are using over a thousand unique IP addresses to exploit vulnerabilities in Ivanti VPN systems. The widespread nature of these attacks underscores the appeal of Ivanti systems to cybercriminals. Source: GBHackers.
  4. 1000+ Unique IPs Attacking Ivanti Connect Secure Systems to Exploit Vulnerabilities: Ivanti Connect Secure VPNs, widely used for enterprise remote access, are being targeted by cybercriminals and nation-state actors using over a thousand unique IP addresses. This highlights the high-value nature of these systems to attackers. Source: CyberSecurityNews.

Vulnerabilities & Patches

  1. Critical Flaw in AMI MegaRAC BMC Firmware: A critical vulnerability identified as CVE-2024-54085 in AMI MegaRAC BMC firmware was patched on March 11. The patch, however, is just the beginning of a long process to secure the affected systems. Source: Network World.
  2. Redis DoS Vulnerability: A new security flaw, CVE-2025-21605, has been discovered in Redis, an open-source in-memory database. This vulnerability can lead to denial-of-service (DoS) attacks, and users are urged to patch immediately. Source: Gridinsoft.
  3. Incomplete NVIDIA Patch Exposes AI Infrastructure: The incomplete patch to CVE-2024-0132 has left AI infrastructure and data exposed to critical risks. This highlights the importance of comprehensive patching in cybersecurity. Source: SC Media.
  4. NVIDIA NeMo Vulnerability: The vulnerabilities tracked as CVE-2025-23249 in NVIDIA's NeMo highlight the increasing targeting of AI frameworks by attackers. The patch underscores the importance of timely updates. Source: GBHackers.
  5. Windows CVE-2025-21204 Vulnerability: Microsoft has explained that a folder that is part of the security update for the vulnerability CVE-2025-21204 is not a security risk. However, the folder cannot be deleted and can permanently block OS updates. Source: Research Snipers.

Podcasts

  1. CYBERATHON by Kaspersky: Kaspersky, a global cybersecurity and digital privacy company, has launched a new podcast episode as part of its CYBERATHON initiative. The episode combines cybersecurity and fitness, offering a unique perspective on the digital landscape. Source: MediaBrief.
  2. Quantum Computing's Shakeup in Payments, Cybersecurity: This podcast episode from ABA Banking Journal discusses the potential applications of quantum computing in liquidity management and complex payment and settlement chains, highlighting its potential impact on cybersecurity. Source: ABA Banking Journal.
  3. Security Clearance Insecurity: The latest episode of this podcast provides training opportunities for security professionals and addresses suitability. It's a valuable resource for professionals seeking to enhance their skills and knowledge in the field. Source: Federal News Network.
  4. Eye on Washington: The Inaugural Episode: Federal News Network's new podcast episode, "Eye on Washington," provides insights into key federal cybersecurity issues. It's a must-listen for anyone interested in the intersection of technology and government. Source: Federal News Network.

Final Words

That's a wrap for today's edition of ONSEC Cyber Daily! We've covered a lot of ground, from the 159 actively exploited vulnerabilities spotted by VulnCheck to the exploits of Ivanti Connect Secure and the slow patching of critical flaws. It's clear that the cyber landscape is ever-evolving, and staying informed is our best defense. Remember, cybersecurity is a shared responsibility. If you found today's newsletter helpful, please consider sharing it with your friends and colleagues. Together, we can stay one step ahead of the cybercriminals. Stay safe, stay informed, and see you in tomorrow's edition of ONSEC Cyber Daily!
