Welcome to the June 24th edition of ONSEC Cyber Daily, where today's headlines weave a tale of global cyber intrigue. The spotlight shines on a China-linked group, Salt Typhoon, exploiting a critical Cisco vulnerability to target Canadian telecoms, prompting urgent advisories from both the Canadian Centre for Cyber Security and the FBI. Meanwhile, Citrix and Apple are racing against time to patch critical vulnerabilities in their systems, as new threats like the "UMBRELLA STAND" malware emerge, targeting Fortinet FortiGate firewalls. As the digital battlefield intensifies, organizations worldwide are urged to fortify their defenses against a backdrop of escalating cyber threats. Stay informed, stay secure.

Exploits Alert

1. China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom: The Canadian Centre for Cyber Security and the FBI have issued a warning about a China-linked group exploiting a critical Cisco vulnerability. This exploit targets Canadian telecom infrastructure, emphasizing the need for immediate defensive measures to protect sensitive communications. Source.
2. Citrix Patches Critical Vulnerabilities in NetScaler ADC and Gateway: Citrix has released patches for critical vulnerabilities in its NetScaler ADC and Gateway products. These vulnerabilities could allow unauthorized access, making it essential for users to upgrade their appliances to prevent potential exploitation. Source.
3. NCSC Issues Alert on 'UMBRELLA STAND' Malware Targeting Fortinet FortiGate Firewalls: The National Cyber Security Centre has issued an alert regarding the 'UMBRELLA STAND' malware, which targets Fortinet FortiGate firewalls. This malware poses a significant threat to network security, urging organizations to review their firewall configurations and apply necessary updates. Source.
4. Critical Teleport Vulnerability Allows Remote Authentication Bypass: A critical vulnerability in Teleport has been identified, allowing attackers to bypass authentication remotely. This flaw could lead to unauthorized access to sensitive systems, highlighting the urgency for users to apply the latest security patches. Source.
5. Critical Meshtastic Vulnerability Lets Attackers Decrypt Private Messages: A vulnerability in Meshtastic has been discovered, enabling attackers to decrypt private messages. This breach of confidentiality underscores the importance of implementing protective measures and updating to the latest software version to safeguard communications. Source.

Vulnerabilities & Patches

1. Multiple Vulnerabilities in Advantech Products: The Cyber Security Agency of Singapore has identified multiple vulnerabilities in Advantech products, including CVE-2025-48469. These vulnerabilities could allow unauthenticated attackers to upload firmware through a public update page, posing significant security risks. It is crucial for users to apply the necessary patches to safeguard their systems. Source: Cyber Security Agency of Singapore.
2. Apple Silently Patched Zero-Click iOS 18.4.1 Exploit: Apple has quietly patched a zero-click exploit in iOS 18.4.1 that involved Secure Enclave theft. Despite the lack of public acknowledgment or attribution, a CVE request has been submitted to MITRE. Users are advised to update their devices to the latest iOS version to protect against potential exploitation. Source: Bleeping Computer.
3. Citrix Patches Critical Vulnerabilities in NetScaler ADC and Gateway: Citrix has released patches for critical vulnerabilities in NetScaler ADC and Gateway, tracked as CVE-2025-5777. These vulnerabilities could allow unauthorized access, making it imperative for administrators to apply the patches immediately to secure their systems. Source: Dark Reading.
4. Suspected China State Hackers Exploit Patched Flaw in Canadian Telecom: A patched vulnerability, CVE-2024-20399, was exploited by suspected China state hackers to breach a Canadian telecom. This incident underscores the importance of timely patch management and monitoring for potential exploitation of known vulnerabilities. Source: Ars Technica.
5. Critical Teleport Vulnerability Allows Remote Authentication Bypass: A critical vulnerability in Teleport, tracked as CVE-2025, allows attackers to bypass authentication controls remotely. Organizations using Teleport are urged to patch their systems immediately to prevent unauthorized access and potential data breaches. Source: GBHackers.

Podcasts

1. APDR Podcast Episode 98 with Host Kym Bergmann: Dive into the latest in cybersecurity, IT, and government policy with Kym Bergmann on the Asia Pacific Defence Reporter podcast. This episode covers critical updates in defense and cybersecurity, offering insights into the evolving landscape of digital threats and defense strategies. Source.
2. The Cybersecurity Bridge - Matt Moore, Ticura: Explore the future of cybersecurity trends with Matt Moore from Ticura. This YouTube podcast discusses the anticipated developments in cybersecurity for 2025 and beyond, providing valuable foresight for businesses and individuals alike. Source.
3. Is Private 5G Finally Delivering on Its Enterprise Promises?: Techzine Global's podcast delves into the current state and future potential of private 5G networks. This episode evaluates whether private 5G is meeting its enterprise expectations, offering insights into its impact on business operations and infrastructure. Source.
4. RANE Podcast: Increased Risk of Cyber Attacks as Conflict with Iran Escalates: In this episode of Essential Geopolitics, RANE's Cyber Intelligence Analyst Hayley Benedict discusses the heightened cyber risks associated with the escalating conflict with Iran. The podcast provides a geopolitical perspective on cybersecurity threats and strategies for mitigation. Source.
5. Morgan Wright: The Growing Importance Of Cybersecurity | Jason Chaffetz Podcast: Join Jason Chaffetz as he discusses with Morgan Wright the increasing significance of cybersecurity in today's digital age. This episode highlights the challenges and solutions in safeguarding digital assets and the importance of staying informed in the cybersecurity domain. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. From the China-linked Salt Typhoon exploiting critical Cisco vulnerabilities to target Canadian telecoms, to Citrix's urgent patches for NetScaler ADC and Gateway, the world of cybersecurity is constantly evolving. The alerts from the Canadian Centre for Cyber Security and the FBI remind us of the ever-present threats lurking in the shadows of our networks. But remember, staying informed is our best defense. As you digest these stories, consider the implications for your own digital environment and take proactive steps to safeguard your systems. Whether it's updating your software, educating your team, or simply staying vigilant, every action counts. If you found today's insights valuable, why not share this newsletter with your friends and colleagues? Together, we can build a more secure digital world. Until next time, stay safe and stay informed!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)