Cyber Daily 5/9: FBI Warns of Old Router Vulnerabilities, UK Encryption Backdoor Sparks Concern, Microsoft Bookings and Cisco IOS Vulnerabilities, AI Supercharges Cyber Threats

Welcome to the ONSEC Cyber Daily! Today's issue is a wake-up call for all of us. The FBI has warned that old routers are vulnerable to hackers, and proxy services like Anyproxy and 5Socks have been accused of aiding cybercriminals. Meanwhile, US lawmakers are slamming the UK's encryption backdoor order to Apple, warning against systemic vulnerabilities that could be exploited by cybercriminals. In other news, Microsoft Bookings has a vulnerability that allows unauthorized changes to meeting details, and AI-driven fake vulnerability reports are flooding bug bounty platforms. We also discuss how AI is set to supercharge cyber threats by 2027, and how a vulnerability in Cisco IOS, XE, and XR allows remote device reboots. We also cover the latest patches from Cisco and SonicWall, and the rise of phone and app scams misusing Europol's name. Plus, we delve into the world of ransomware, with the LockBit gang being hacked and SonicWall urging customers to patch their systems. Lastly, we discuss the latest vulnerabilities and patches for Google Pixel, Samsung, and macOS, and the potential for remote code execution compromise with SysAid vulnerabilities. Stay tuned for more updates and don't forget to check out our podcast episodes featuring discussions on Meta's new AI, JP Morgan Chase's push for stronger security controls, and the future of enterprise cybersecurity. Stay safe and secure!

Exploits Alert

  1. Old Routers Vulnerable to Hackers, FBI Warns: The FBI has warned that old routers, such as Anyproxy and 5Socks, are vulnerable to hackers. These routers were allegedly sold with proxy services that aid cybercriminals in hiding their activities. Source: Yahoo! Tech
  2. US Lawmakers Criticize UK's Encryption Backdoor Order to Apple: US lawmakers have criticized the UK's order to Apple to create a backdoor in its encryption, warning that it could create systemic vulnerabilities exploitable by cybercriminals and authoritarian regimes. Source: TechRadar
  3. Microsoft Bookings Vulnerability Allows Unauthorized Changes to Meeting Details: A vulnerability in Microsoft Bookings allows unauthorized users to change meeting details. This exploit is part of an emerging cybercrime trend known as "PigButchering". Source: GBHackers
  4. AI-Driven Fake Vulnerability Reports Flooding Bug Bounty Platforms: AI-generated fake vulnerability reports are flooding bug bounty platforms, creating a worrying trend in the cybersecurity space. Source: GBHackers
  5. Cisco IOS, XE, and XR Vulnerability Allows Remote Device Reboots: Cisco has issued a critical security advisory warning of a vulnerability in its IOS, IOS XE, and IOS XR systems that allows remote device reboots. Source: GBHackers

Vulnerabilities & Patches

  1. Cisco patches maximum severity vulnerability in IOS XE Software: Cisco has patched a high-severity vulnerability (CVE-2025-20188) in its IOS XE Software that could allow a remote, unauthenticated attacker to upload arbitrary files and achieve path traversal. Organizations are urged to apply the official patches to remain protected. Source: SC Media.
  2. SonicWall Issues Patch for Exploit Chain in SMA Devices: SonicWall has released a patch for a series of vulnerabilities (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821) in its SMA devices that could grant an attacker essentially unfettered control over an impacted device. SonicWall is urging customers to patch their systems. Source: Dark Reading.
  3. IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers: Two vulnerabilities (CVE-2025-26168 and CVE-2025-26169) in the IXON VPN client could allow attackers to escalate privileges. IXON has released version 1.4.4 of its VPN client to address these flaws. Source: GBHackers.
  4. Threat Actors Exploit Samsung MagicInfo Flaw: There's confusion about whether the latest attacks are exploiting a bug first disclosed and patched last year (CVE-2024-7399), or a new vulnerability in Samsung's MagicInfo solution. Users are advised to ensure their systems are up-to-date. Source: Infosecurity Magazine.
  5. Google's Latest Android Update Patches 46 Security Flaws: Google has released an update for Android that patches 46 security flaws, including a zero-day vulnerability known as CVE-2025-27363. The zero-day is a remote code execution flaw that impacts FreeType, an open-source software library. Source: Lifehacker.

Podcasts

  1. Cyber Uncut Podcast: Meta fuels its new AI with Facebook content, UK retailers suffer ransomware: In this episode, David Hollingworth and Daniel Croft discuss the launch of Meta's new AI, which is powered by Facebook content. They also touch on the recent ransomware attacks on UK retailers. Source: Cyber Daily.
  2. AI Agent & Copilot Podcast: JP Morgan Chase CISO Publicly Pushes for Stronger Security Controls: Tom Smith discusses a letter published by a JP Morgan Chase security executive, emphasizing the need for stronger security controls with SaaS applications. Source: Cloud Wars.
  3. ATFM Episode 33: Overcoming challenges for defense financial managers - Guidehouse: This episode provides insights into the challenges faced by defense financial managers, with a focus on national security and budgeting. Source: Guidehouse.
  4. Press Freedom & The Cyber Crimes Act - Hard Facts With Maryann-Duke Okon: Maryann Okon discusses the implications of the Cyber Crimes Act on press freedom in this enlightening episode. Source: Nigeria Info FM.
  5. Silicon UK In Focus Podcast: Enterprise Cybersecurity in 2025 – Managing Complexity at Scale: Adam Casey, Director of Security at Qodea, discusses the complexities of managing enterprise cybersecurity at scale in this episode. Source: Silicon UK.

Final Words

That's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the vulnerabilities of old routers to the rise of AI-driven cyber threats. Remember, staying informed is your first line of defense in this ever-evolving cyber landscape. If you found today's newsletter helpful, why not share it with your colleagues and friends? Let's spread the word and help each other stay one step ahead of the cybercriminals. Stay safe, stay updated, and see you in the next edition of ONSEC Cyber Daily.
