Cyber Daily 7/9: Windows Vulnerability Alarms, AI Protocols Under Siege, CISA Alerts on Exploits, CyberArk's Security Insights

Welcome to the ONSEC Cyber Daily for July 9, 2025. Today, we dive into a whirlwind of vulnerabilities shaking the cybersecurity landscape. From a critical Windows flaw causing ripples of concern among experts to the revelation of security gaps in the Agentic AI Protocol, the digital world is on high alert. Meanwhile, CISA's warnings about active exploits in Ruby on Rails and PHPMailer highlight the urgency of patching vulnerabilities. As Microsoft rolls out its July Patch Tuesday, addressing 130 security flaws, the cybersecurity community braces for potential threats. Join us as we explore these pressing issues and listen to CyberArk's Thomas Fikentscher discuss why cybersecurity should never be an afterthought in our latest podcast episode. Stay informed, stay secure.

Exploits Alert

  1. Experts Concerned Over Newly Disclosed Critical Windows Vulnerability: A critical vulnerability in Windows has been disclosed, raising concerns among cybersecurity experts. This flaw could potentially allow attackers to gain unauthorized access to systems, emphasizing the need for immediate patching and system updates. Organizations are advised to prioritize this issue to safeguard their networks. Source: Cyber Daily
  2. Report Finds Agentic AI Protocol Vulnerable to Cyber Attacks: A recent report highlights significant vulnerabilities in the Model Context Protocol (MCP) used in Agentic AI systems. These vulnerabilities could be exploited by cyber attackers to compromise AI operations, necessitating urgent security measures and protocol updates to mitigate potential risks. Source: THE Journal
  3. CISA Alerts on Active Exploit of Ruby on Rails Path Traversal Flaw: The Cybersecurity and Infrastructure Security Agency (CISA) has added a Ruby on Rails path traversal vulnerability to its Known Exploited Vulnerabilities catalog. This flaw is actively being exploited, allowing attackers to access sensitive files on affected systems. Immediate remediation is recommended to prevent unauthorized data access. Source: GBHackers
  4. CISA Warns of PHPMailer Command Injection Vulnerability Exploited in Attacks: CISA has issued a critical warning about a command injection vulnerability in PHPMailer, which is actively being exploited in cyberattacks. This flaw allows attackers to execute arbitrary commands, posing a significant threat to affected systems. Users are urged to apply patches promptly to secure their environments. Source: Cybersecurity News
  5. National CERT Issues High Alert Over Critical Veeam Backup Vulnerability: A critical vulnerability in Veeam Backup systems has prompted a high alert from the National CERT. This flaw has been exploited by various cybercriminal groups to disable recovery processes, highlighting the importance of immediate patching and enhanced security measures to protect backup infrastructures. Source: ProPakistani

Vulnerabilities & Patches

  1. Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed: Microsoft has addressed 130 vulnerabilities in its July 2025 Patch Tuesday update, including a critical zero-day vulnerability, CVE-2025-49719, in SQL Server. This flaw, with a CVSS score of 9.8, poses a significant risk due to its potential for remote code execution. Organizations are urged to apply the patches promptly to mitigate security risks. Source: The Cyber Express.
  2. SAP Patchday: NetWeaver Products Vulnerable to Malware Attacks: SAP's latest patch update addresses critical vulnerabilities in its NetWeaver products, including CVE-2025-42967. These vulnerabilities could allow malware attacks, emphasizing the need for immediate patch application to protect enterprise systems. Source: heise online.
  3. ParrotOS 6.4 Released with Key Tool Updates: The new release of ParrotOS 6.4 includes significant updates to key tools and a kernel upgrade, addressing CVE-2025-5777. This update enhances security and functionality, making it crucial for users to upgrade their systems to the latest version. Source: Help Net Security.
  4. Samsung's July 2025 Update: Android-Specific CVE Patches: Samsung's July 2025 update includes patches for one critical and 21 high-level Common Vulnerabilities and Exposures (CVEs) specific to Android devices. These updates are essential for maintaining device security and protecting against potential exploits. Source: Sammy Fans.
  5. Microsoft Patch Tuesday: 137 Vulnerabilities, Including Zero-Day SQL Flaw: The July 2025 Patch Tuesday update from Microsoft addresses 137 vulnerabilities, with CVE-2025-49719 being a publicly disclosed zero-day affecting SQL Server. This vulnerability highlights the importance of timely patching to prevent potential exploitation. Source: Redmondmag.com.

Podcasts

  1. Cybersecurity News: Call of Duty Game Pulled, U.S. Military Gets Cybersecurity Boost: This podcast episode from the CISO Series discusses the recent removal of the Call of Duty game and how the U.S. military is enhancing its cybersecurity measures. The episode provides insights into the implications of these developments for both gamers and national security. Source.
  2. Not Enough Hallucinations? Let's Outfit Your LLM with Another LLM: Hosted by David Spark and Edward Contreras, this CISO Series podcast explores the innovative concept of using large language models (LLMs) to enhance cybersecurity strategies. The episode delves into the potential benefits and challenges of integrating AI into security frameworks. Source.
  3. The AI Fix #58: An AI Runs a Shop into the Ground, and AI's Obsession with the Number 27: This episode of the AI Fix podcast examines the quirky and sometimes problematic behaviors of AI systems, including a case where AI mismanagement led to business failure. The discussion highlights the importance of understanding AI's limitations and potential risks. Source.
  4. Driving Digital Security: The FTC's Safeguards Rule Explained: In this episode of Moving the Metal: The Auto Finance Podcast, hosts Brooke Conkle and Chris Capurso discuss the FTC's Safeguards Rule and its implications for digital security in the auto finance industry. The conversation provides valuable insights into regulatory compliance and data protection strategies. Source.
  5. N-able Podcast “Now That's IT” Celebrates 50 Episodes Spotlighting MSP Success: Celebrating its 50th episode, this podcast from N-able, Inc. highlights the success stories of Managed Service Providers (MSPs) and their role in enhancing cyber resiliency. The episode offers a retrospective on the series' impact and future directions. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is more dynamic and challenging than ever. From the critical Windows vulnerability raising alarms among experts to the persistent threats targeting our systems, staying informed is our best defense. Our podcast with CyberArk's Thomas Fikentscher reminds us that cybersecurity should never be an afterthought. In this fast-paced world, sharing knowledge is key. If you found today's insights valuable, please share this newsletter with your friends and colleagues. Together, we can build a more secure digital future. Stay vigilant, stay informed, and we'll see you in the next issue!
