Cyber Daily 7/1: Iranian Attacks on US Networks, Glasgow Scam Alert, Citrix Vulnerability Exploited, RBI Urges Zero-Trust

In today's edition, we unravel a web of cyber threats that span continents and industries, painting a vivid picture of the digital battlefield. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on potential Iranian cyberattacks targeting vulnerable U.S. networks, urging heightened vigilance. Meanwhile, Glasgow City grapples with a parking fine scam amidst a broader cyber assault, highlighting how cybercriminals exploit chaos to their advantage. As Iranian cyber actors loom over U.S. critical infrastructure, the call for a zero-trust approach becomes more urgent than ever. Across the globe, vulnerabilities in Citrix servers and D-Link routers expose thousands to potential breaches, while a critical flaw in Chrome's V8 engine is actively exploited. Join us as we delve into these pressing issues, exploring the intricate dance between attackers and defenders in the ever-evolving cyber landscape. Stay informed, stay secure.

Exploits Alert

  1. CISA Warns of Iranian Attacks Against US, DIB Networks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about potential cyberattacks targeting vulnerable U.S. networks, particularly those related to critical infrastructure. This alert highlights the ongoing threat posed by Iranian cyber actors and urges organizations to remain vigilant. Source: MeriTalk
  2. Hackers Exploiting Critical Langflow Vulnerability to Deploy Flodrix Botnet: Cybercriminals are actively exploiting a critical vulnerability in Langflow to deploy the Flodrix botnet, which allows them to take control of affected systems. This exploit poses a significant risk as it can lead to unauthorized access and potential data breaches. Source: Cybersecurity News
  3. Critical D-Link Router Flaws Allow Remote Code Execution by Attackers: D-Link's DIR-816 wireless router has been declared end-of-life following the discovery of six critical security vulnerabilities. These flaws allow attackers to execute remote code, posing a severe threat to users who continue to use the outdated device. Source: Cyber Press
  4. Trio of Bluetooth Chipset Flaws Could Allow Snooping, Data Theft: A set of vulnerabilities in Bluetooth chipsets could enable attackers to snoop on communications and steal data. This exploit is particularly concerning as it affects a wide range of devices, potentially compromising user privacy and security. Source: SC Media
  5. Glasgow City Issues Alert Over Parking Fine Scam During Ongoing Cyber Attack: Amid an ongoing cyber attack, Glasgow City has issued a warning about a parking fine scam exploiting the situation. Cybercriminals are taking advantage of the confusion to deceive residents, highlighting the need for increased awareness and caution. Source: Cyber Press

Vulnerabilities & Patches

  1. Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code - Patch Now: CVE-2025-6554 is a high-severity type confusion vulnerability in Chrome's V8 engine that allows attackers to execute arbitrary code. This vulnerability is actively being exploited, prompting an urgent need for users to update their browsers to the latest version to mitigate potential risks. Source.
  2. Critical Flaw in AMI's MegaRAC Firmware Puts Thousands of Servers at Risk: CVE-2024-54085 is a critical vulnerability in AMI's MegaRAC firmware affecting thousands of servers. While some vendors have released patches, not all hardware vendors have provided updates, leaving many systems vulnerable. Organizations are advised to check with their vendors for available patches. Source.
  3. Does Your Brother Printer Have an Unpatchable Security Flaw? How to Check - and What You Can Do: Brother printers are facing a significant security issue with CVE-2024-51978, which cannot be patched on existing devices. While seven other vulnerabilities can be addressed with firmware updates, users are advised to check their devices and consider alternative security measures. Source.
  4. Top 5 High-Risk CVEs of June 2025: Microsoft has issued a patch for CVE-2025-33071 as part of its June 2025 Patch Tuesday update. Administrators are urged to apply these official patches promptly to protect systems from potential exploits targeting these high-risk vulnerabilities. Source.

Podcasts

  1. APDR Podcast Episode 99 with host Kym Bergmann: This episode delves into the latest developments in Asia Pacific defense, covering cybersecurity, IT, simulation, training, and government policy. Host Kym Bergmann provides insights into the region's strategic landscape, making it a must-listen for defense enthusiasts and policymakers. Source.
  2. WAG in Focus: Will Iran target your farm?: This episode explores the potential threats to agriculture from geopolitical tensions, particularly focusing on Iran. It provides a comprehensive analysis of how global events can impact local farming communities, making it essential listening for those in the agricultural sector. Source.
  3. Building Trust in the Age of Agentic AI: Cybercrime Magazine's podcast discusses the challenges and strategies for building trust in AI systems amidst rising cyber threats. Featuring insights from victims, law enforcement, and cybersecurity experts, this episode is crucial for understanding the evolving landscape of AI security. Source.
  4. Why Data Security Is the Real AI Risk: TechSpective's podcast highlights the critical importance of data security in the age of AI. Host Todd Moore discusses the often-overlooked risks associated with data management, providing valuable perspectives for tech professionals and businesses. Source.
  5. Urgent Cybersecurity Briefing: Scattered Spider Attacks: This episode from Maynard Nexsen offers an urgent briefing on the Scattered Spider cyber attacks. It provides detailed analysis and expert insights into the tactics used by cybercriminals, making it essential for cybersecurity professionals. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. With CISA's alert on potential Iranian cyber threats, it's a reminder of the ever-present need for vigilance and preparedness. Whether it's safeguarding critical infrastructure or staying alert to phishing scams, our collective security depends on awareness and action. In a world where cybercriminals are constantly evolving, sharing knowledge is our best defense. If you found today's insights valuable, consider passing them along to friends and colleagues. Together, we can build a more informed and resilient community. Stay secure, stay informed, and remember: knowledge shared is power multiplied. Until tomorrow, keep your defenses strong and your networks safe!
