Welcome to today's issue of ONSEC Cyber Daily. We're diving into the world of cybersecurity, where vulnerabilities are the name of the game. From the CISA warning about a TeleMessage vulnerability to the launch of eQure's Ground-Truth Cybersecurity Platform on Oracle Cloud Infrastructure, it's clear that the digital landscape is constantly evolving. Chinese hackers are exploiting SAP vulnerabilities in a global espionage operation, while the EU launches a vulnerability database to tackle cybersecurity threats. Meanwhile, Broadcom is patching a VMware Tools vulnerability, and iPhone users in India are being targeted by hackers. In the world of patches, Microsoft and Apple are fixing exploited flaws, while Ivanti is patching EPMM vulnerabilities. And let's not forget about the FBI warning about hackers hijacking old routers for cyber operations. Finally, we're tuning into the latest cybersecurity podcasts, from discussions on AI regulation to the evolution of cybersecurity. Stay tuned for more updates and remember, in the world of cybersecurity, staying informed is your first line of defense.

Exploits Alert

1. CISA Warns of TeleMessage Vuln Despite Low CVSS Score: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in TeleMessage, despite its low CVSS score. The weakness was analyzed and reported by software engineer Micah Lee. Source: Dark Reading
2. Chinese hackers exploit SAP vulnerability in sophisticated global espionage operation: Chinese hackers have exploited a vulnerability in SAP in a sophisticated global espionage operation. The cyber attacks have raised cybersecurity alerts in the enterprise sector. Source: Asaase Radio
3. Broadcom Patches VMware Tools Vulnerability CVE-2025-22247: Broadcom has issued an urgent patch for a vulnerability in VMware Tools, CVE-2025-22247, affecting Windows and Linux VMs. The vulnerability was highlighted by The Cyber Express. Source: The Cyber Express
4. F5 BIG-IP Command Injection Vulnerability Let Attackers Execute Arbitrary System Commands: A vulnerability in F5 BIG-IP allows attackers to execute arbitrary system commands. The vulnerability was reported by Cybernewswire and has raised cybersecurity alerts. Source: Cybersecurity News
5. FBI Issues Warning as Hackers Hijack Old Routers for Cyber Operations: The FBI has issued a warning about cyber actors exploiting known vulnerabilities in end-of-life routers using variants of TheMoon malware botnet. The alert was reported by HSToday. Source: HSToday

Vulnerabilities & Patches

1. Microsoft Windows Scripting Engine Vulnerability (CVE-2025-30397): This memory corruption bug is being actively exploited, allowing for remote code execution. Microsoft has addressed this in their May Patch Tuesday. Source: SC Media
2. Ivanti Endpoint Manager Mobile Vulnerability (CVE-2025-4427): An authentication bypass in Ivanti Endpoint Manager Mobile has been exploited for remote code execution in limited attacks. Ivanti has patched this vulnerability. Source: The Hacker News
3. Microsoft DWM Core Library Vulnerability (CVE-2025-30400): This elevation-of-privilege vulnerability is one of the actively exploited Windows zero-days addressed in Microsoft's May Patch Tuesday. Source: TechTarget
4. SAP Zero-Day Flaw (CVE-2025-42999): SAP has patched a second zero-day flaw that was exploited in recent attacks. The company issued security updates for this flaw. Source: Bleeping Computer
5. ASUS DriverHub Vulnerabilities (CVE-2025-3462 & CVE-2025-3463): ASUS DriverHub, a utility built to simplify driver updates, was found to have two high-risk vulnerabilities. These flaws could enable remote code execution. Source: SOCRadar

Podcasts

1. APDR Podcast Episode 92 with host Kym Bergmann - Asia Pacific Defence Reporter: This podcast episode delves into the national security topic that dominated the election campaign – whether Russia had requested a permanent military. Source: Asia Pacific Defence Reporter
2. Jamming in a ban on state AI regulation - CyberWire: The podcast hosted by Dave Bittner, a security podcast host and one of the founders at CyberWire, discusses the implications of a ban on state AI regulation. Source: CyberWire
3. It's Not Just A Cyber Attack, It's An M&S Cyber Attack - Newscast - BBC: This episode of Newscast discusses a cyber attack on M&S, highlighting the importance of personal customer data security. Source: BBC
4. The Presumption of Innocence Podcast: Episode 61 - A Call to Service - JD Supra: This podcast episode features a guest with a diverse background, including roles as a police officer, teacher, detective, Bergen County Sheriff, and priest. Source: JD Supra
5. The AI Fix #50: AI brings dead man back for killer's trial, and the judge loves it: This episode of the award-winning cybersecurity podcast Smashing Security discusses how AI was used in a trial to bring a deceased man back to life. Source: Graham Cluley

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. We hope you found these updates useful and informative. Remember, staying informed is the first step towards ensuring your digital safety. In a world where cyber threats are constantly evolving, it's crucial to stay one step ahead. Share this newsletter with your friends and colleagues to help them stay informed and secure. We'll be back tomorrow with more updates on the latest threats, vulnerabilities, and security news. Until then, stay safe and secure! Remember, we're all in this together. Every share, every update, every alert makes the cyber world a safer place for everyone. So, let's spread the word and make cybersecurity a priority. Thank you for being a part of the ONSEC Cyber Daily community.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)