Cyber Daily 6/27: CISA Alerts on D-Link, ControlID, HPE, AMI, IBM, Cisco, Citrix Flaws; Cybercriminals Exploit Vulnerabilities in Global Tech Giants

Welcome to the June 27th edition of ONSEC Cyber Daily, where today's headlines weave a tale of vulnerabilities and urgent warnings. The Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on a series of critical vulnerabilities, from D-Link routers to ControlID's iDSecure software, each posing a unique threat to our digital landscape. Meanwhile, cybercriminals are exploiting these weaknesses, leveraging advanced tools like large language models to amplify their attacks. As patches roll out for Cisco, Citrix, and WinRAR, the race against time intensifies to secure systems before malicious actors strike. In this interconnected web of threats, the importance of strong passwords and timely updates becomes ever more crucial. Stay informed, stay secure, and join us as we delve into the details of these pressing cybersecurity challenges.

Exploits Alert

  1. D-Link Path Traversal Vulnerability Exploited in Attacks: CISA has issued an urgent warning about a critical path traversal vulnerability affecting D-Link DIR-859 routers. This flaw is being actively exploited by attackers, potentially allowing unauthorized access to sensitive data. Organizations using these routers are advised to apply patches immediately to mitigate risks. Source: Cybersecurity News
  2. ControlID iDSecure Software Vulnerabilities Allow Authentication Bypass: CISA has highlighted critical vulnerabilities in ControlID's iDSecure software, which could allow attackers to bypass authentication mechanisms. This poses a significant threat to organizations relying on this software for secure access control. Immediate updates and security measures are recommended to prevent unauthorized access. Source: Cybersecurity News
  3. HPE OneView for VMware vCenter Vulnerability Allows Elevated Access: A vulnerability in HPE OneView for VMware vCenter has been identified, enabling attackers to gain elevated access privileges. This could lead to unauthorized control over virtual environments, posing a severe risk to data integrity and system operations. Users are urged to implement security patches promptly. Source: GBHackers
  4. AMI BMC Vulnerability Exploited in the Wild: CISA has issued a warning about a critical vulnerability in AMI BMC systems that is being actively exploited. This flaw could allow attackers to execute arbitrary code, potentially compromising entire systems. Organizations using these systems should prioritize patching and monitoring for unusual activity. Source: SecurityWeek
  5. FortiOS Hard-Coded Credentials Vulnerability Exploited in Attacks: A vulnerability involving hard-coded credentials in FortiOS has been exploited in recent cyberattacks. This flaw could allow attackers to gain unauthorized access to network devices, posing a critical security threat. Fortinet users are advised to update their systems and change default credentials immediately. Source: Cybersecurity News

Vulnerabilities & Patches

  1. Cisco Fixes Two Critical Make-Me-Root Bugs: Cisco has addressed two critical vulnerabilities, CVE-2025-20281 and CVE-2025-20282, affecting its Identity Services Engine (ISE) and ISE-PIC software. These vulnerabilities could allow unauthenticated attackers to gain root access, posing significant security risks. The patches are available for versions 3.3 and 3.4, and users are urged to update immediately. Source: The Register.
  2. WinRAR Users At Risk: Major Security Flaw Fixed: A critical vulnerability in WinRAR, identified as CVE-2025-6218, has been patched. This flaw allowed attackers to execute malicious code on a victim's system by manipulating archive paths. Users are advised to update to the latest version to protect their systems. Source: TechWorm.
  3. HPE OneView for VMware vCenter Vulnerability: A vulnerability in HPE OneView for VMware vCenter, tracked as CVE-2025-37101, has been identified, allowing elevated access to unauthorized users. The only mitigation is applying the available patch, which users should implement promptly to secure their systems. Source: GBHackers.
  4. Citrix: New Critical Vulnerability Affects NetScaler: Citrix has released patches for a critical vulnerability, CVE-2025-6543, affecting NetScaler. This flaw has been exploited in the wild, and users are strongly encouraged to apply the updates to prevent potential attacks. Source: RedHotCyber.
  5. CISA Warns of AMI BMC Vulnerability Exploited in the Wild: The AMI BMC vulnerability, which has been actively exploited, has prompted CISA to issue a warning. Patches were released in March, and affected OEMs have confirmed the impact. Users should ensure their systems are updated to mitigate this risk. Source: SecurityWeek.

Podcasts

  1. Cyber Uncut Podcast: In this episode, David Hollingworth and Daniel Croft delve into the dual nature of AI, highlighting both beneficial and malicious applications. They also discuss recent high-profile hacker arrests and the ongoing saga of War Thunder. The conversation provides insights into the evolving landscape of cybersecurity threats and innovations. Source: Cyber Daily.
  2. MSDW Podcast: Cybersecurity Lessons for CFOs: This episode, sponsored by SignUp Software, explores how CFOs can leverage AP automation to enhance cybersecurity measures. Experts from SignUp Software and Eftsure discuss practical strategies for financial leaders to protect their organizations from cyber threats. The podcast offers valuable insights into integrating cybersecurity into financial operations. Source: MS Dynamics World.
  3. Darknet Diaries: This podcast episode dives into the world of cybercrime, featuring real-life stories of hackers, breaches, and the people behind them. It provides a gripping narrative that uncovers the hidden aspects of the digital underworld, offering listeners a deeper understanding of the motivations and methods of cybercriminals. Source: Darknet Diaries.
  4. Smashing Security: Hosts Graham Cluley and Carole Theriault discuss the latest cybersecurity news with a humorous twist. This episode covers recent data breaches, security blunders, and the implications of emerging technologies on privacy. The podcast is both informative and entertaining, making complex security topics accessible to a broad audience. Source: Smashing Security.
  5. The CyberWire Daily: This episode provides a concise roundup of the day's most significant cybersecurity news. It includes expert analysis on current threats, vulnerabilities, and the latest developments in the cybersecurity industry. The podcast is an essential listen for anyone looking to stay informed about the fast-paced world of cybersecurity. Source: The CyberWire.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever, with vulnerabilities lurking in unexpected corners. From the D-Link path traversal flaw to the critical issues in ControlID iDSecure and HPE OneView, the urgency to stay informed and vigilant has never been greater. CISA's warnings remind us that cyber threats are not just headlines—they're real challenges that demand our attention and action. In this interconnected world, sharing knowledge is a powerful defense. If you found today's insights valuable, consider forwarding this newsletter to your friends and colleagues. Together, we can build a more secure digital future, one informed reader at a time. Stay safe, stay informed, and see you in the next issue of ONSEC Cyber Daily!
