Cyber Daily 7/31: AI Solves Cybersecurity, Africa Faces AI Threat, Microsoft SharePoint Exploit, Apple Patches Chrome Zero-Day

Welcome to the ONSEC Cyber Daily for July 31, 2025, where today's headlines weave a compelling narrative of innovation, vulnerability, and resilience in the ever-evolving cybersecurity landscape. NYU Tandon researchers have unveiled an AI agent capable of autonomously tackling cybersecurity challenges, a beacon of hope amidst a sea of vulnerabilities. The new EnIGMA framework promises enhanced automated vulnerability detection, a crucial advancement as Africa grapples with rising AI and social engineering-driven cybercrime, as highlighted by Interpol's 2025 Africa Cyberthreat Assessment Report. Meanwhile, Microsoft responds to a CISA alert with guidance on SharePoint vulnerabilities, underscoring the urgency of patching as Apple races to fix a zero-day flaw exploited against Chrome users. As the U.S. Cybersecurity and Infrastructure Security Agency prepares to release a federal telco infrastructure vulnerability report, the global stage is set for a cybersecurity showdown. From the African Treasury to the U.S. Nuclear Agency, critical systems are under siege, demanding immediate action and innovative solutions. Join us as we delve into these stories and more, exploring the intricate dance between threat and defense in today's digital world.
Exploits Alert
- NYU Tandon Researchers Develop AI Agent for Cybersecurity Challenges: Researchers at NYU Tandon have created an AI agent capable of autonomously solving cybersecurity challenges. This development promises to enhance automated vulnerability detection and response, potentially revolutionizing how cybersecurity threats are managed. Source: EurekAlert.
- Africa's Growing Vulnerability to AI and Social Engineering Cybercrime: Interpol's 2025 Africa Cyberthreat Assessment Report highlights a significant rise in cybercrime across African nations, driven by AI and social engineering tactics. This trend underscores the urgent need for enhanced cybersecurity measures across the continent. Source: ITWeb.
- Microsoft SharePoint Server 0-Day Exploit Targets African Institutions: A critical 0-day vulnerability in Microsoft SharePoint Server has been exploited in a cyberattack affecting African treasuries, businesses, and universities. This incident highlights the importance of timely patching and robust cybersecurity defenses. Source: CyberPress.
- Credential Theft Surge in South Africa Prompts NEC XON Warning: With cybercrime now the top business risk in South Africa, NEC XON has issued a critical alert regarding the surge in credential theft. This warning emphasizes the need for heightened vigilance and security measures to protect sensitive information. Source: Intelligent CISO.
- Critical CodeIgniter4 Vulnerability CVE-2025-54418: A severe vulnerability in CodeIgniter4 has prompted a red alert from French telecom giant Orange, following a cyberattack on its information systems. This incident serves as a reminder of the critical need for regular security updates and monitoring. Source: The Cyber Express.
Vulnerabilities & Patches
- SAP Vulnerability Leads to Major Linux System Breach: A critical vulnerability in SAP's software, identified as CVE-2025-31324, was exploited, leading to a significant breach in Linux systems. SAP has released a patch to address this issue, urging immediate updates to prevent further exploitation. Source: Security Boulevard.
- Microsoft Releases Guidance on SharePoint Vulnerabilities: Microsoft has issued guidance following a CISA alert about SharePoint vulnerabilities, specifically CVE-2025-53770 and CVE-2025-53771, which serve as patch bypasses for previous vulnerabilities. These updates are crucial to prevent potential exploitation. Source: Security Boulevard.
- Dahua Camera Flaws Allow Remote Hijack: Dahua cameras have been found vulnerable to remote hijacking due to flaws CVE-2025-31700 and CVE-2025-31701, each scoring 8.1 on the CVSS scale. Users are advised to apply patches immediately to secure their devices. Source: The420.in.
- SonicWall VPN Vulnerabilities Disclosed: SonicWall has disclosed three major vulnerabilities in its SMA100 series, identified as CVE-2025-40596, CVE-2025-40597, and CVE-2025-40598. These vulnerabilities could lead to pre-auth stack/heap overflows and XSS attacks, and users are urged to patch their systems promptly. Source: Hackread.
- Apple Patches iOS and iPadOS Vulnerabilities: Apple has released updates addressing multiple vulnerabilities in iOS and iPadOS, including CVE-2025-43228, which could lead to address bar spoofing. Users are strongly encouraged to update their devices to protect against potential attacks. Source: Malwarebytes.
Podcasts
- Smashing Security Podcast #428: Red flags, leaked chats, and a final farewell: In this episode, Carole bids adieu to her co-host role after 428 episodes, taking listeners on a nostalgic journey filled with memorable moments, laughter, and a touch of emotion. Expect engaging discussions on cybersecurity red flags and leaked chats, all wrapped up with a tribute to Tom Lehrer. Source: Graham Cluley.
- CyberWire Daily Podcast: State of emergency in St Paul: Hosted by Dave Bittner, this episode delves into the cybersecurity landscape with a focus on the state of emergency declared in St Paul. The discussion includes insights into the latest malware threats and the implications for local governance and infrastructure. Source: CyberWire.
- Bloomberg Tech: Palo Alto Networks, CyberArk Reach $25B Deal: This episode covers the monumental $25 billion acquisition deal between Palo Alto Networks and CyberArk, exploring its impact on the cybersecurity industry and market dynamics. The podcast provides expert analysis and forecasts for the future of these tech giants. Source: Bloomberg.
- Louisiana's Governor Announces New IT Vendor on His Diner-Themed Podcast: In a unique setting at Phil's Oyster Bar, Louisiana's governor discusses the state's new IT vendor, touching on cybersecurity, IT governance, and AI. This episode offers a blend of policy insights and local flavor, making it a must-listen for tech enthusiasts. Source: StateScoop.
- How Should CISOs Prepare for AI Threats, Cyberattacks or Emergencies?: Featuring Aimee Cardwell, CISO in Residence for Transcend, this podcast episode provides strategic guidance for CISOs facing AI threats and cyber emergencies. It emphasizes proactive measures and preparedness to safeguard organizational assets. Source: Security Magazine.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the cybersecurity landscape is evolving at a rapid pace. From NYU Tandon's groundbreaking AI agent tackling cybersecurity challenges autonomously to the EnIGMA framework enhancing vulnerability detection, innovation is at the forefront of our defense strategies. Yet, as we see from Interpol's report, regions like Africa remain increasingly vulnerable to AI and social engineering-driven cybercrime, highlighting the global nature of these threats. The recent flurry of activity, including Microsoft's guidance on SharePoint vulnerabilities and Apple's swift patching of zero-day exploits, underscores the importance of staying informed and proactive. As cyber threats continue to grow in complexity, sharing knowledge becomes our strongest ally. We invite you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively fortify our defenses and stay one step ahead in this ever-changing cyber world. Until tomorrow, stay vigilant and connected!