Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlpool of vulnerabilities, cyber threats, and the evolving landscape of cybersecurity. First up, a red alert for all iPhone users: Safe Data Storage has issued a warning about a potential vulnerability in your devices. Don't delay, update your software immediately! The cybersecurity landscape is becoming increasingly treacherous, with vulnerability researchers working overtime. The solution? Automating patch management to reduce vulnerabilities at scale. In the world of crypto, teen hackers are exploiting SIM vulnerabilities in a massive $37M heist. With weak penalties for young offenders, it's a stark reminder of the urgent need for stronger cybersecurity measures. Speaking of urgency, an alarming 184 million passwords have been leaked, signaling a growing vulnerability in our digital lives. Are you at risk? AI is not immune to cyber risks either. Tune into the INTHEBLACK podcast to learn how to stay protected. In the wake of continued data breaches, cybersecurity experts are calling for more accountability. Listen to the Engineering the Future podcast to hear their insights. Finally, we explore how cybersecurity expectations for Health Tech vendors have changed over the past 12 months. Tune into AHLA's daily podcast for all your health law news. Stay safe, stay updated, and remember, knowledge is your best defense in the cyber world.

Exploits Alert

1. iPhone Users Warned to Update Software Immediately: UK data expert Safe Data Storage has issued a warning to all iPhone users about a vulnerability in their devices that makes them susceptible to cybercriminals. Users are urged to update their software immediately to mitigate the risk. Source: Yahoo! Tech
2. Automating Patch Management Reducing Vulnerabilities at Scale: The cybersecurity landscape has become increasingly treacherous in 2025, with vulnerability researchers identifying a growing crisis. Automating patch management has been identified as a key strategy in reducing vulnerabilities at scale. Source: Cyber Security News
3. Crypto Alert: Teen Hackers Exploit SIM Vulnerabilities In Massive $37M Heist: Crypto SIM swap and social engineering crimes are on the rise, with weak penalties especially for young offenders. A recent exploit of SIM vulnerabilities resulted in a massive $37M heist, highlighting the need for stronger cybersecurity measures. Source: TronWeekly
4. Urgent Cyber Warning for Americans: 184 Million Passwords Leaked: As cyberattacks evolve and cloud storage becomes more prevalent, a recent breach that resulted in 184 million passwords being leaked signals a growing vulnerability in the digital lives of millions. Users are urged to change their passwords and implement stronger security measures. Source: Times of India

Vulnerabilities & Patches

1. Automating Patch Management Reducing Vulnerabilities at Scale (CVE-2024-53677): Recent incidents have highlighted the devastating effects of delayed patching. The Apache Struts vulnerability (CVE-2024-53677) is a prime example of this. Source: Cyber Security News.

Podcasts

1. Cyber Risks from AI (INTHEBLACK Podcast): This episode discusses the limitations of current cybersecurity practices in fully addressing the risks posed by AI. The guest, a member of the offensive security team at Malware Security, provides insights on staying protected. Source: INTHEBLACK
2. More Accountability Please! (Engineering the Future Podcast): In this episode, Sharat Madanapalli, director of InTune AI, agrees that Australian businesses should be more accountable in the wake of continued data breaches. Source: UNSW Newsroom
3. How Have Cybersecurity Expectations for Health Tech Vendors Changed Over the Past 12 Months? (AHLA's Speaking of Health Law Podcast): This episode of AHLA's podcast discusses the evolving cybersecurity expectations for health tech vendors over the past year. The podcast is now a daily newsletter exclusively for AHLA Premium members. Source: iHeartRadio

Final Words

And that's a wrap for today's edition of ONSEC Cyber Daily. As we've seen, the cyber landscape is ever-evolving, with new vulnerabilities emerging and old ones being exploited. From iPhone users being urged to update their software, to the growing crisis of vulnerabilities at scale, and even the shocking $37M heist exploiting SIM vulnerabilities, it's clear that cybersecurity is more important than ever. We've also delved into the urgent cyber warning for Americans with a massive password leak, the importance of timely patch management, the risks from AI, and the call for more accountability in the wake of continued data breaches. And let's not forget the changing cybersecurity expectations for Health Tech vendors. Remember, staying informed is your first line of defense. So, don't keep this valuable information to yourself. Share ONSEC Cyber Daily with your friends and colleagues, because cybersecurity is everyone's responsibility. Let's work together to create a safer digital world. Until tomorrow, stay safe and stay vigilant!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)