Cyber Daily 5/2: M&S Cyber Attack Disrupts Supply, SonicWall VPN Exploits, SK Telecom Breach Linked to China, World Password Day Insights, Tesla & Netgear Vulnerabilities Patched

Welcome to the May 2nd edition of ONSEC Cyber Daily, your daily dose of cybersecurity news and updates. Today, we delve into the major cyber attack that left M&S Percy Pig fans in disarray and exposed critical vulnerabilities. We also explore the new wave of VPN exploits targeting SMA devices, as SonicWall raises the alarm. In other news, SK Telecom's data breach has raised suspicions of a link to China-backed hackers, while SonicWall's OS Command Injection Vulnerability is being exploited in the wild. As we celebrate World Password Day 2025, we're reminded that password vulnerabilities remain a favorite target for hackers worldwide. The FBI has uncovered a massive phishing operation, and we'll discuss the latest security updates for Dell OpenManage Server Administrator and the new wave of VPN exploits. We'll also touch on the recent Tesla Model 3 VCSEC Vulnerability and the Netgear EX6200 flaw that enables remote access and data theft. In our podcast section, we'll highlight episodes discussing national defense readiness, the impact of cybersecurity on patient safety in medical devices, and China's cyber economic warfare. Stay tuned for these stories and more in today's ONSEC Cyber Daily. Stay safe and informed!

Exploits Alert

  1. M&S Percy Pig Cyber Attack: A significant cyber attack has caused supply chain disruptions for M&S Percy Pig, leaving fans devastated. The incident has exposed critical vulnerabilities and raised concerns about contactless payment security. Source: Mirror
  2. SonicWall VPN Exploits: SonicWall has confirmed active exploitation of multiple vulnerabilities in its Secure Mobile Access (SMA) appliances. The company has issued updated advisories in response to this new wave of VPN exploits. Source: MSSP Alert
  3. SK Telecom Data Breach: A data breach at SK Telecom has raised suspicions of links to China-backed hackers. The incident has highlighted vulnerabilities in widely used cybersecurity infrastructure. Source: Chosun
  4. SonicWall OS Command Injection Vulnerability: A command injection vulnerability in SonicWall OS has been exploited in the wild. This incident underscores the evolving role of the Chief Information Security Officer (CISO) in today's digital landscape. Source: Cyber Security News
  5. FBI Uncovers LabHost PhaaS Operation: The FBI has uncovered 42,000 phishing domains tied to the LabHost PhaaS operation. This operation, which was recently disabled by law enforcement, had enabled cybercriminals to target victims from November 2021 through April 2024. Source: GBHackers

Vulnerabilities & Patches

  1. DSA-2024-481: Security Update for Dell OpenManage Server Administrator (OMSA) Vulnerabilities: Dell has released a security update for its OpenManage Server Administrator (OMSA) to patch the vulnerability CVE-2024-45760. The vulnerability, if exploited, could allow unauthorized access to the system. Source: Dell
  2. SonicWall Flags New Wave of VPN Exploits Targeting SMA Devices: SonicWall has identified new VPN exploits targeting CVE-2023-44221 and CVE-2024-38475, which affect several SMA products. Users are urged to update their systems to the latest patches to mitigate the risk. Source: MSSP Alert
  3. Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code: A vulnerability (CVE-2025-2082) in Tesla Model 3's VCSEC could allow hackers to run arbitrary code. Tesla silently rolled out a patch in 2024 to address this issue. Source: GBHackers
  4. Netgear EX6200 Flaw Enables Remote Access and Data Theft: Netgear's EX6200 firmware version 1.0.3.94 has multiple vulnerabilities (CVE-2025-4148, CVE-2025-4149, and CVE-2025-4150) that could enable remote access and data theft. Users are advised to apply the latest patches. Source: GBHackers
  5. Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach: Commvault has confirmed a breach in Azure via a zero-day exploit of CVE-2025-3928. The company has reported no data loss, and CISA mandates a patch by May 19. Source: The Hacker News

Podcasts

  1. The Crypto President - The New York Times: This podcast explores the intersection of cryptocurrency and politics, focusing on the potential implications of a security commitment from the United States. Source: The New York Times.
  2. National Defence Readiness and Military Tradition, with Robert Borsak: Episode 10 delves into the contested ground of cyber warfare, global politics, and the power of truth in the information age. Source: Defence Connect.
  3. Downloading Malicious Photo Can Hack Your Phone | Aviator Game - YouTube: This podcast episode from the Cyber Security Podcast Series discusses new cyber fraud cases, including how a simple image download on WhatsApp can lead to hacking. Source: YouTube.
  4. We get Privacy for work: Defining Reasonable Safeguards - Jackson Lewis: This podcast episode discusses cybersecurity policies that can withstand regulatory scrutiny and defines what constitutes reasonable safeguards. Source: Jackson Lewis.
  5. AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast | JD Supra: This special crossover episode provides insights into best practices for cybersecurity in the context of AI legislation. Source: JD Supra.

Final Words

And that's a wrap for today's ONSEC Cyber Daily! From the Percy Pig supply chaos to the new wave of VPN exploits, we've covered a lot of ground. But remember, cybersecurity isn't a one-person job. It's a team effort. So, share this newsletter with your friends and colleagues. Let's work together to stay one step ahead of the cybercriminals. Stay safe, stay informed, and remember, knowledge is power. See you in the next edition of ONSEC Cyber Daily. Until then, keep your data secure and your systems patched.