Cyber Daily 9/12: Akira Ransomware Exploits SonicWall Flaw, ACSC Alerts Australia; Norton Shields SMBs from Dark Web Threats

**ONSEC Cyber Daily: September 12, 2025**

In today's edition, we unravel a web of cyber threats that are shaking the digital landscape. The Australian Cyber Security Centre (ACSC) has issued a stark warning about the Akira ransomware, which is aggressively targeting Australian organizations. This threat is compounded by the active exploitation of a critical SonicWall SSL VPN flaw, CVE-2024-40766, which has been a persistent vulnerability despite being patched over a year ago. Meanwhile, small businesses and influencers are urged to bolster their defenses as Norton steps up with dark web and social media monitoring solutions. As the cyber storm intensifies, the importance of timely patching and robust security measures cannot be overstated. Stay informed, stay secure.
Exploits Alert
- ACSC Warns of Akira Ransomware Activity Targeting Australian Organisations: The Australian Cyber Security Centre (ACSC) has issued an alert regarding the Akira ransomware, which is actively targeting Australian organizations. This ransomware is known for encrypting files and demanding a ransom for decryption keys, posing a significant threat to business operations. Organizations are urged to bolster their cybersecurity measures to prevent potential breaches. Source: cyberdaily.au
- SonicWall SSL VPN Flaw CVE-2024-40766 Actively Exploited: A critical vulnerability in SonicWall SSL VPNs, identified as CVE-2024-40766, is being actively exploited by threat actors. This flaw allows unauthorized access to sensitive data, making it imperative for users to apply patches immediately. The vulnerability's exploitation could lead to severe data breaches and operational disruptions. Source: thecyberexpress.com
- Cursor AI Code Editor RCE Flaw Allows Malicious Code to Autorun on Machines: A remote code execution (RCE) vulnerability in the Cursor AI Code Editor has been discovered, which can be exploited to run malicious code automatically. This flaw poses a risk to developers and organizations using the editor, as it could lead to unauthorized access and data theft. Immediate updates and security patches are recommended to mitigate this risk. Source: gbhackers.com
- CISA Flags Critical ICS Vulnerabilities Across Rockwell and ABB Systems: The Cybersecurity and Infrastructure Security Agency (CISA) has identified critical vulnerabilities in industrial control systems (ICS) from Rockwell and ABB. These vulnerabilities expose operational technology (OT) networks to potential exploits, which could disrupt industrial operations and compromise safety. Organizations are advised to implement recommended security measures to protect their systems. Source: industrialcyber.co
- Norton Wants to Protect Small Businesses with Dark Web and Social Media Monitoring: Norton has launched a new initiative to protect small businesses and influencers from cyber threats by offering dark web and social media monitoring services. This move aims to safeguard sensitive information and prevent cybercriminals from exploiting vulnerabilities in smaller enterprises. The service is designed to provide real-time alerts and actionable insights to enhance cybersecurity resilience. Source: techradar.com
Vulnerabilities & Patches
- Ransomware Gang Targets Improperly Patched SonicWall Firewalls: A ransomware group is exploiting the SonicWall SonicOS management system vulnerability, CVE-2024-40766, which was patched over a year ago. Despite the patch, attackers continue to leverage this improper access control flaw to gain unauthorized access. Organizations are urged to ensure their systems are updated to prevent breaches. Source: CSO Online.
- SAP Patches Critical CVE-2025-42944 in NetWeaver: SAP has released a patch for a critical vulnerability in its NetWeaver platform, identified as CVE-2025-42944, with a maximum CVSS score of 10.0. This flaw could allow attackers to execute arbitrary code, and users are strongly advised to apply the September 2025 security patch immediately. Source: The Cyber Express.
- Hackers Expose Critical Apple CarPlay Flaw At DefCon: A critical vulnerability in Apple CarPlay, CVE-2025-24132, was demonstrated at DefCon, highlighting risks of stack buffer overflow. Automakers need to integrate and test Apple's patch on their hardware to mitigate potential exploitation risks. Source: TechWorm.
- Google Fixes Critical Chrome Flaw, Researcher Earns $43K: Google has addressed a critical vulnerability in Chrome, CVE-2025-10201, which could lead to inappropriate access. The update also includes fixes for other security issues, underscoring the importance of keeping browsers up-to-date. Source: Security Affairs.
- Cisco Patches High-Severity IOS XR Vulnerabilities: Cisco has patched a high-severity vulnerability in its IOS XR software, CVE-2025-20248, which could allow unauthorized access during the installation process. Users are advised to apply the updates promptly to secure their systems. Source: SecurityWeek.
Podcasts
- The Pattern of Early Adoption of Security Tools: This podcast episode from the CISO Series explores how Chief Information Security Officers (CISOs) are increasingly collaborating with startups to adopt innovative security tools. The discussion highlights the benefits and challenges of early adoption, emphasizing the role of CISOs in driving technological advancements in cybersecurity. Source.
- npm update, Cursor Autorun details, Microsoft Ascension probe: In this episode, the CISO Series delves into recent cybersecurity news, including updates on npm, details about the Cursor Autorun flaw, and insights into Microsoft's investigation of the Ascension hack. The podcast provides a comprehensive overview of these issues, offering listeners a deeper understanding of current cybersecurity threats and responses. Source.
- Episode 101 - EU Data Act: Implications for Data Privacy and Cybersecurity: This Lexology podcast episode discusses the EU Data Act and its potential impact on data privacy and cybersecurity practices. The conversation provides valuable insights into the legal and regulatory changes that organizations may need to navigate, emphasizing the importance of compliance and proactive cybersecurity measures. Source.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever, with threats like the Akira ransomware and SonicWall vulnerabilities reminding us of the constant vigilance required to protect our digital assets. The Australian Cyber Security Centre's alerts serve as a crucial reminder for organizations worldwide to stay informed and proactive in their cybersecurity measures. We hope you found today's insights valuable and urge you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively bolster our defenses against cyber threats. Stay safe, stay informed, and remember, in the world of cybersecurity, knowledge is your first line of defense. Until tomorrow, keep your systems secure and your data protected. If you enjoyed today's read, don't forget to pass it along to those who might benefit from staying ahead of the cyber curve. Together, we can make the digital world a safer place for everyone.