Subject: ONSEC Cyber Daily - Celebrity Cyber Attack, Chrome Alert, AI Cybersecurity Gaps, and More Hello ONSEC readers, In today's issue, we're hitting some high notes with a story about a cyber attack against popular Indian singer, Ankit Tiwari. As India faces increasing geopolitical tensions, cybercriminals are not missing a beat, targeting public figures in their malicious schemes. Next, we're shifting our focus to a high-severity alert issued for Google Chrome users. Cybercriminals are exploiting unpatched vulnerabilities, and immediate action is advised to prevent malware injection, data theft, or remote system control. We're also taking a trip to Morocco, where 33% of companies are warning that AI is widening cybersecurity gaps. As technology advances, so does cybercrime, and it's crucial to stay ahead of the curve. Finally, we're wrapping up with a review of the past week, highlighting Microsoft's patching of 5 actively exploited 0-days and a recently fixed Chrome vulnerability. Stay tuned for these stories and more in today's ONSEC Cyber Daily. Stay safe, stay informed. Best, [Your Name]

Exploits Alert

1. Cyber Attack Against Celebrity Singer Ankit Tiwari Triggers Alert: Indian singer Ankit Tiwari has become the latest victim of a targeted cyberattack amid rising geopolitical tensions in the country. The attack has triggered an alert, highlighting the increasing threat to public figures. Source: The420.in
2. Government Issues High-Severity Alert for Google Chrome Users: Immediate Action Advised: Cybercriminals are exploiting unpatched vulnerabilities to inject malware, steal sensitive information, or take remote control of affected systems. The government has issued a high-severity alert for Google Chrome users, advising immediate action. Source: BizzBuzz.news
3. 33% of Moroccan Companies Warn AI Is Widening Cybersecurity Gaps: A third of Moroccan companies have warned that AI is widening cybersecurity gaps, increasing the risk of cybercrime. This highlights the need for improved security measures in the face of advancing technology. Source: Morocco World News

Vulnerabilities & Patches

1. Microsoft Patches 5 Actively Exploited 0-Days: Microsoft has released patches for five actively exploited zero-day vulnerabilities. These flaws were being used by attackers to gain unauthorized access and control over targeted systems. Users are urged to update their systems immediately to mitigate the risk. Source: HelpNetSecurity.
2. High-Severity Chrome Vulnerability (CVE-2025-4664): Google has patched a high-severity vulnerability in Chrome, identified as CVE-2025-4664. The flaw was being exploited by attackers, as confirmed by CISA. Users are advised to update their Chrome browsers to the latest version to protect against this vulnerability. Source: HelpNetSecurity.
3. Apple Patches Actively Exploited WebKit Flaw: Apple has released a patch for a WebKit flaw that was being actively exploited. The vulnerability allowed malicious websites to execute arbitrary code on devices. Users are advised to update their devices to the latest version to protect against this flaw. Source: SecurityWeek.
4. Adobe Fixes Critical Acrobat and Reader Flaws: Adobe has fixed critical vulnerabilities in Acrobat and Reader that could allow an attacker to execute arbitrary code on affected systems. Users are urged to update their software to the latest versions to protect against these vulnerabilities. Source: ZDNet.
5. WordPress Patches Critical PHPMailer Vulnerability: WordPress has patched a critical flaw in PHPMailer that could allow an attacker to take over a website. Users are advised to update their WordPress installations to the latest version to protect against this vulnerability. Source: BleepingComputer.

Podcasts

1. CyberWire X: A podcast that delves into the world of cybersecurity, discussing the latest trends, threats, and solutions. It features interviews with top experts in the field, providing insights into the ever-evolving cyber landscape. Source: CyberWire X.
2. Darknet Diaries: This podcast explores the dark side of the internet, sharing stories from the underworld of hackers, malware, and cybercrime. It's a fascinating look at the hidden aspects of the digital world. Source: Darknet Diaries.
3. The Privacy, Security, & OSINT Show: A podcast that focuses on privacy and security issues, as well as open-source intelligence (OSINT). It offers practical advice on how to protect your privacy and stay secure online. Source: The Privacy, Security, & OSINT Show.
4. Smashing Security: A weekly podcast that breaks down the latest cybersecurity news in an easy-to-understand format. It's a great resource for staying informed about the latest threats and how to protect yourself. Source: Smashing Security.
5. The Cyberlaw Podcast: A weekly podcast that covers the latest legal issues related to cybersecurity. It features interviews with policymakers, academics, and practitioners, providing a comprehensive overview of the legal landscape. Source: The Cyberlaw Podcast.

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. From the cyber attack on Ankit Tiwari to the high-severity alert for Google Chrome users, and the widening cybersecurity gaps in Moroccan companies, it's clear that the digital landscape is a battlefield. But remember, knowledge is power. By staying informed, we can all play a part in combating cybercrime. Don't forget to share this newsletter with your friends and colleagues. After all, in the world of cybersecurity, we're stronger together. Let's continue to spread awareness and stay one step ahead of the cybercriminals. Stay safe, stay vigilant, and keep singing your own tune in the face of cyber threats. See you in the next edition of ONSEC Cyber Daily.

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)