Good morning, ONSEC Cyber Daily readers! Today, we're diving into a series of alarming cybersecurity developments that have surfaced across the globe. First up, we're discussing a new warning issued over toll fee scams, a deceptive practice that's causing havoc for unsuspecting victims. In other news, a flaw in XenServer Windows VM Tools is enabling attackers to run arbitrary code, putting countless systems at risk. We're also shedding light on a vulnerability in the Wordpress TI WooCommerce Wishlist Plugin that's exposing over 100,000 websites to potential cyberattacks. Meanwhile, the UK's NHS data could be exposed due to an exploit in Ivanti's software. In Pakistan, a nationwide alert has been issued following a massive data breach affecting 180 million netizens. On the tech front, Google has released a critical Chrome update, and ASUS router backdoors continue to affect devices even after firmware updates. We'll also be discussing high-severity vulnerabilities patched in Chrome 137 and Firefox 139, and a zero-interaction flaw in Firefox that allows attackers to run arbitrary code. In our podcast corner, we're featuring the latest episodes from Smashing Security, The Med Device Cyber Podcast, and Security DNA podcast. Stay tuned for these stories and more in today's issue of ONSEC Cyber Daily. Remember, knowledge is power when it comes to cybersecurity. Stay informed, stay safe!

Exploits Alert

1. New Warning Issued Over Toll Fee Scams: Cybercriminals are exploiting toll fee systems to scam unsuspecting victims. Users are advised to be vigilant and verify any suspicious emails or messages related to toll fees. Source: IT Security News
2. XenServer Windows VM Tools Flaw Enables Attackers to Run Arbitrary Code: A vulnerability in XenServer Windows VM Tools has been discovered that could allow attackers to execute arbitrary code. Users are advised to apply patches as soon as they become available. Source: GBHackers
3. Wordpress TI WooCommerce Wishlist Plugin Vulnerability Exposes 100,000+ Websites: A critical vulnerability in the Wordpress TI WooCommerce Wishlist Plugin could expose over 100,000 websites to cyberattacks. The vulnerability, designated as CVE-2025-47577, is expected to be exploited imminently. Source: Cybersecurity News
4. Ivanti Vulnerability Exploit Could Expose UK NHS Data: A vulnerability in Ivanti software could potentially expose sensitive data from the UK's National Health Service (NHS). NHS England is monitoring the situation and has a high severity alert system in place. Source: Infosecurity Magazine
5. Pakistan's Cyber Agency Issues Nationwide Alert After 180 Million Netizens Report Data Breach: Pakistan's cyber agency has issued a nationwide alert following a massive data breach affecting 180 million internet users. Cybersecurity experts are warning of an increase in attacks linked to the exposed data. Source: Dynamite News

Vulnerabilities & Patches

1. Google Chrome Critical Update (CVE-2025-5280): Google has released a critical update for its Chrome web browser to patch two significant security flaws. Users are urged to update their browsers by June 5 to ensure their online safety. Source: Laptop Mag.
2. ASUS Router Backdoors (CVE-2025-5272): ASUS RT-AX55 models that have not received a patch for the vulnerability are at risk. The backdoor issue affects 9,000 devices and persists even after firmware updates. Source: SC Media.
3. Chrome 137, Firefox 139 High-Severity Vulnerabilities (CVE-2025-5063): Both Chrome and Firefox have patched high-severity memory safety issues. The vulnerabilities include a use-after-free defect in Compositing. Source: SecurityWeek.
4. Zero-Interaction libvpx Flaw in Firefox (CVE-2025-5268): A zero-interaction flaw in Firefox's libvpx could allow attackers to run arbitrary code. Memory safety bugs could enable high-severity vulnerabilities. Source: GBHackers.
5. Chrome Security Patch for High-Severity Vulnerabilities (CVE-2025-5283): Google has addressed a use-after-free vulnerability in libvpx with a security patch for Chrome. If left unpatched, these vulnerabilities could allow attackers to execute arbitrary code. Source: GBHackers.

Podcasts

1. Smashing Security podcast #419: This episode, hosted by Graham Cluley & Carole Theriault, delves into the world of Star Wars, the CIA, Instagram scams, and Legal Aid leaks. It provides an engaging and informative look into the latest cybersecurity issues. Source: Smashing Security
2. The Med Device Cyber Podcast: Blue Goat Cyber celebrates its 21st episode, continuing to empower MedTech teams with expert insights on cybersecurity and FDA compliance. This podcast is a valuable resource for those in the medical technology field. Source: EIN Presswire
3. Hot ETFs: Cybersecurity, Income & Bitcoin - TradingView: In this episode, Christian Magoon, Founder and CEO of Amplify ETFs, discusses the latest trends in cybersecurity, income, and Bitcoin. It's a must-listen for those interested in the intersection of finance and cybersecurity. Source: TradingView
4. Can AI Really Keep You Safe? The Truth with Geva Barash - Security Info Watch: In this episode, Secure Our City Founder & CEO Geva Barash explores the role of AI in cybersecurity. It's a thought-provoking discussion on the potential and limitations of AI in ensuring safety. Source: Security Info Watch
5. Defence Property Podcast: This episode discusses how ADF members can turn frequent relocations into investment opportunities. Co-hosts Liam Garman and Kane Dury provide valuable insights for those in the defense sector. Source: Defence Connect

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found our insights valuable in navigating the ever-evolving landscape of cybersecurity. Remember, knowledge is power, and sharing this power can make a world of difference. So, don't keep it to yourself. Share this newsletter with your friends and colleagues to help them stay one step ahead of the cyber threats lurking in the digital shadows. Stay safe, stay informed, and remember, the best defense is a good offense. Keep your eyes open for tomorrow's edition where we'll bring you more updates from the world of cybersecurity. Until then, keep your data secure and your systems updated. Goodbye and stay cyber safe!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)