Welcome to the June 26th edition of ONSEC Cyber Daily, where today's headlines weave a tale of digital intrigue and urgency. As Firefox 140 rolls out a crucial update to patch a code execution vulnerability, the cyber landscape is abuzz with vulnerabilities across platforms, from macOS to Android. Citrix's NetScaler appliances face a critical threat, with the CVE-2025-6543 vulnerability actively exploited in the wild, echoing the urgency of patch cycles that must close the 48-hour exposure gap. Meanwhile, Iranian hackers escalate tensions with cyberattacks on U.S. banks and defense contractors, underscoring the geopolitical dimensions of cybersecurity. As organizations scramble to patch and protect, the narrative of today's cyber world is one of relentless vigilance and rapid response. Stay informed, stay secure.

Exploits Alert

1. Firefox 140 Released With Fix for Code Execution Vulnerability - Update Now: Mozilla has released Firefox 140, addressing a critical code execution vulnerability that could allow attackers to execute arbitrary code on affected systems. Users are urged to update immediately to protect against potential exploits. Source
2. Citrix warns of NetScaler vulnerability exploited in DoS attacks: Citrix has issued a warning about a vulnerability in NetScaler appliances, tracked as CVE-2025-6543, which is actively being exploited in the wild. This vulnerability is leading to Denial of Service (DoS) attacks, and users are advised to apply patches promptly. Source
3. Exploit Kits vs. Patch Cycles: Closing the 48-Hour Exposure Gap: Cybercriminals are exploiting vulnerabilities within 48 hours of discovery, highlighting the critical need for organizations to apply patches quickly. This report emphasizes the importance of reducing the patch cycle to mitigate risks effectively. Source
4. Global Cyber Alert: Iranian Hackers Hit U.S. Banks, Defence Contractors, and Oil Firms: Following military tensions, Iranian-aligned hackers have launched cyberattacks against U.S. financial institutions, defense contractors, and oil firms. This digital retaliation underscores the geopolitical impact on cybersecurity threats. Source
5. CISA Issued ICS Advisories Covering Current Vulnerabilities and Exploits: The Cybersecurity and Infrastructure Security Agency (CISA) has released advisories to alert organizations about current vulnerabilities and exploits affecting industrial control systems. These advisories aim to enhance awareness and prompt timely mitigation actions. Source

Vulnerabilities & Patches

1. Citrix Patches Critical 0-day Amid 'CitrixBleed 2' Concerns: Citrix has released a patch for a critical zero-day vulnerability, tracked as CVE-2025-5777, with a CVSS score of 9.3. This flaw involves insufficient input validation, leading to potential memory exploitation. Organizations using Citrix NetScaler ADC/Gateway are urged to apply the patch immediately to prevent unauthorized access. Source: SC Media.
2. Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC: Citrix has issued urgent patches for a critical vulnerability, CVE-2025-6543, affecting NetScaler ADC. With a CVSS score of 9.2, this memory overflow vulnerability could lead to severe security breaches if left unpatched. Users are advised to update their systems promptly. Source: The Hacker News.
3. Millions of Brother Printers Hit by Critical Unpatchable Bug: A critical vulnerability, CVE-2024-51978, affecting millions of Brother printers has been identified as unpatchable. This flaw poses significant security risks, prompting users to seek alternative security measures to protect their devices. Source: Dark Reading.
4. SAP GUI Input History Found Vulnerable to Weak Encryption: Two vulnerabilities, CVE-2025-0055 and CVE-2025-0056, have been discovered in SAP GUI, exposing sensitive data due to weak encryption. Users are advised to apply the latest patches for Windows and Java versions to mitigate these risks. Source: Infosecurity Magazine.
5. Chrome Releases Security Patch for 11 Code Execution Vulnerabilities: Google has released a security update addressing 11 vulnerabilities in Chrome, including CVE-2025-4563, which allows nodes to bypass authorization checks. Users should update to the latest version to protect against potential exploits. Source: GBHackers.

Podcasts

1. The Severance Podcast: The Severance Podcast is back with five new episodes, offering fans a deeper dive into the show's intricate narrative and character development. This season promises to unravel more mysteries and provide insights into the show's unique universe. If you're a fan of Severance, these episodes are a must-listen to keep up with the latest twists and turns. Source: Startup News
2. Quantum Potential: Episode 10 features Ret. Gen. Paul Nakasone discussing the challenges of securing the 21st century amidst evolving cyber threats. This episode delves into the strategic importance of cybersecurity and the potential of quantum technologies in safeguarding national security. It's an insightful listen for those interested in the intersection of technology and defense. Source: Vanderbilt University
3. Smashing Security: In this episode, Graham Cluley and Carole Theriault explore Operation Endgame, a stylish police crackdown on botnets and malware authors. The discussion highlights the innovative tactics used by law enforcement to combat cybercrime, making it a fascinating episode for those interested in cybersecurity and law enforcement. Source: YouTube
4. Blue Goat Cyber: Celebrating its 25th episode, Blue Goat Cyber discusses the role of cybersecurity labeling in building trust and transparency. This episode emphasizes how smart labeling can transform compliance into a competitive advantage, offering valuable insights for businesses looking to enhance their cybersecurity posture. Source: KOIN
5. Thriving Through Volatility: This episode provides insights for CISOs on navigating the complexities of cybersecurity in volatile times. Featuring experts like Jeff Pollard and Pejman Roshan, it offers strategies for managing risk and leading effectively in uncertain environments. It's a must-listen for cybersecurity leaders seeking to bolster their resilience. Source: SC World

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. From the urgent release of Firefox 140 to patch a critical code execution vulnerability, to the ongoing challenges posed by macOS and Android-specific vulnerabilities, staying informed is crucial. Citrix's recent warnings about the NetScaler vulnerability remind us that cyber threats are relentless, and timely updates are our best defense. In a world where cybercriminals exploit vulnerabilities within 48 hours, the race to patch and protect is more critical than ever. Whether it's the latest exploit kits or the expansion of cybersecurity features for MSSPs, the need for vigilance and proactive measures is paramount. We hope today's insights empower you to bolster your defenses and stay ahead of potential threats. If you found this newsletter helpful, please share it with your friends and colleagues. Together, we can build a more secure digital world. Stay safe, stay informed, and see you in the next edition of ONSEC Cyber Daily!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)