Cyber Daily 5/27: Chinese Hackers Target US via Cityworks Exploit, vBulletin Forum Vulnerability Exposed, India's Microsoft Security Alert, Oracle TNS Flaw, Patch Updates for Ivanti, Fortinet, Linux Kernel


Good Morning ONSEC Cyber Daily Readers,

In today's issue, we're diving into a series of critical cybersecurity alerts and vulnerabilities that are making headlines. Chinese hackers are exploiting a 0-Day vulnerability in Cityworks, a platform widely used by US local governments. This comes as Cisco Talos researchers issue a critical alert regarding active cyberattacks on the platform. Meanwhile, a critical vulnerability in vBulletin Forum is allowing attackers to execute remote code, serving as a stark warning for developers. On the other side of the globe, the Indian government has flagged a major security risk in laptops and desktops, issuing a high-severity cybersecurity warning for users of Microsoft products.

Oracle's TNS flaw is exposing system memory to unauthorized access, with a patch expected in April 2025. Cityworks has also released security patches to address the CVE-2025-0994 vulnerability, urging users to update immediately. In other news, vulnerabilities in Tenable Network Monitor are allowing attackers to escalate privileges, while researchers have dropped a PoC for CVE-2025-32756, a vulnerability actively being exploited in Fortinet products. Ivanti has also released a patch for two bugs allowing hackers to target cloud instances. Finally, OpenAI's o3 AI has found a zero-day vulnerability in the Linux Kernel, with an official patch released.

We'll also be sharing insights from the latest cybersecurity podcasts, including episodes from APDR, Cointelegraph, Healthcare IT Today, Techzine Global, Security Boulevard, and Cyber Uncut. Stay tuned for these stories and more in today's ONSEC Cyber Daily. Stay safe, stay updated.

Exploits Alert

  1. Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Governments: Cisco Talos researchers have issued a critical alert regarding active cyberattacks targeting Trimble Cityworks, a widely used platform for managing local government operations. The exploit is believed to be the work of Chinese hackers. Source: Hackread
  2. Critical vBulletin Forum Vulnerability Let Attackers Execute Remote Code: A critical vulnerability in vBulletin Forum software allows attackers to execute remote code. This serves as a warning for developers to ensure their systems are secure and up-to-date. Source: Cyber Security News
  3. Govt Flags Major Security Risk in Laptops And Desktops: Are You Affected?: The Indian government has issued a high-severity cybersecurity warning for users of Microsoft products. The alert is related to a major security risk in laptops and desktops. Source: Mashable India

Vulnerabilities & Patches

  1. Oracle TNS Flaw Exposes System Memory to Unauthorized Access (CVE-2025-30733): A critical vulnerability in Oracle TNS could allow unauthenticated remote attackers to access sensitive system memory. Oracle released a patch on April 15, 2025, to mitigate this issue. Source: IT Security News.
  2. Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Governments (CVE-2025-0994): Cityworks has released security patches to address the CVE-2025-0994 vulnerability, which Chinese hackers have been exploiting to target US local governments. Organizations are urged to update immediately. Source: Hackread.
  3. Tenable Network Monitor Vulnerabilities Let Attackers Escalate Privileges (CVE-2025): Tenable has released a patch alongside updates to multiple third-party components to address a local privilege escalation vulnerability. Source: Cybersecurity News.
  4. Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching: Researchers have released a proof of concept for CVE-2025-32756, a vulnerability actively being exploited in Fortinet products like FortiMail and FortiCamera. Users are urged to patch quickly. Source: Hackread.
  5. OpenAI's o3 AI Found a Zero-Day Vulnerability in the Linux Kernel (CVE-2025-37899): OpenAI's o3 AI has discovered a zero-day vulnerability in the Linux Kernel, documented under CVE-2025-37899. An official patch has been released to address this issue. Source: Beebom.

Podcasts

  1. APDR Podcast Episode 94 with host Kym Bergmann: This episode dives into various topics including cybersecurity, IT, simulation & training, and government policy. Hosted by Kym Bergmann, the podcast provides a comprehensive look at the Asia Pacific defence sector. Source: Asia Pacific Defence Reporter.
  2. Banking groups ask SEC to drop cybersecurity incident disclosure rule: Hosted by Savannah Fortis, this podcast episode discusses the request of banking groups to the SEC to drop the cybersecurity incident disclosure rule. It provides an entertaining yet informative take on the issue. Source: Cointelegraph.
  3. Reactions to the Latest KLAS Reports – Healthcare IT Today Podcast Episode 167: This episode discusses the impact of cybersecurity on healthcare, reacting to the latest KLAS reports. Hosted by John Lynn, it provides a deep dive into health IT headlines and their implications. Source: Healthcare IT Today.
  4. Techzine Talks on Tour: This podcast episode discusses the balance between cybersecurity and collaboration tools, using the Atlassian platform as an example. It provides insights into how to effectively use collaboration tools while maintaining security. Source: Techzine Global.
  5. When AI Fights Back: Threats, Ethics, and Safety Concerns: This episode explores an incident where Anthropic's AI fought back, discussing the threats, ethics, and safety concerns related to AI. It provides a comprehensive look at the intersection of AI and security. Source: Security Boulevard.

Final Words

As we wrap up today's edition of 'ONSEC Cyber Daily', we're reminded that the world of cybersecurity is a constantly evolving landscape. From Chinese hackers exploiting Cityworks to critical vulnerabilities in vBulletin Forum and Oracle TNS, it's clear that no system is immune. We've seen how the Indian government has issued high-severity cybersecurity warnings for users of Microsoft products, and how researchers have released a PoC for CVE-2025-32756, a vulnerability actively being exploited in Fortinet products. We've also learned about the two Ivanti bugs that are allowing hackers to target cloud instances, and how OpenAI's o3 AI found a zero-day vulnerability in the Linux kernel. In the world of podcasts, we've had a glimpse into the latest episodes discussing cybersecurity, from APDR Podcast Episode 94 with host Kym Bergmann to CyberArk's Thomas Fikentscher on why cybersecurity should not be an afterthought.

The key takeaway from all these stories? Stay vigilant, stay updated, and always patch your systems. If you've found this newsletter helpful, please consider sharing it with your friends and colleagues. Remember, cybersecurity is a shared responsibility. Let's work together to keep our digital world safe and secure. Until next time, stay safe and secure!
