Cyber Daily 9/25: Retail & Agriculture Under Siege, SolarWinds & Chrome Vulnerabilities Unveiled

Welcome to the ONSEC Cyber Daily for September 25th, where today's headlines weave a compelling narrative of digital vulnerability across industries. We begin with an alert that has sent ripples through the retail sector, uncovering a persistent cyberthreat that has already impacted 60% of companies. Meanwhile, the agricultural sector faces its own digital reckoning as researchers highlight growing cyber vulnerabilities amidst the adoption of modern farming technologies. In a parallel storyline, the tech world is on high alert as SolarWinds and Google scramble to patch critical vulnerabilities in their systems, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issuing urgent warnings. These vulnerabilities have not only been exploited in retail and agriculture but have also breached U.S. federal agencies, underscoring the pervasive nature of these threats. As we delve deeper, the narrative expands to include the broader implications of these vulnerabilities, from the potential for unremovable malware in Supermicro servers to the critical security flaws in Android devices. Each story is a chapter in the ongoing saga of cybersecurity, where vigilance and timely patching are the keys to safeguarding our digital future. Stay informed, stay secure, and join us as we navigate the complex landscape of cyber threats.

Exploits Alert

  1. Retail at Risk: How One Alert Uncovered a Persistent Cyberthreat: The retail sector is under siege, with a significant 60% of companies facing cyberattacks. This alert highlights the persistent threats targeting retail organizations, emphasizing the need for robust cybersecurity measures. Source: Microsoft Security Blog
  2. Researchers Addressing Cyber Vulnerabilities in U.S. Agriculture: As digital tools become integral to modern farming, the agriculture sector is increasingly vulnerable to cyberattacks. This report underscores the urgent need for enhanced cybersecurity strategies to protect the U.S. agriculture industry. Source: Southeast AgNET
  3. SolarWinds Fixes Critical Web Help Desk RCE Vulnerability (CVE-2025-26399): SolarWinds has patched a critical remote code execution vulnerability in its Web Help Desk software. This fix is crucial to prevent potential exploitation by cybercriminals. Source: Help Net Security
  4. CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity zero-day vulnerability in Google Chrome. This vulnerability is actively being exploited, highlighting the importance of immediate updates. Source: Cybersecurity News
  5. CISA - Hackers Breached U.S. Federal Agency via GeoServer RCE: A U.S. federal agency was breached through a remote code execution vulnerability in GeoServer. Despite the vulnerability being disclosed earlier, the patch was not applied, leading to unauthorized access and data exfiltration. Source: Cyber Press

Vulnerabilities & Patches

  1. CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a zero-day vulnerability in Google Chrome, identified as CVE-2025-10585. This vulnerability has been actively exploited in the wild, prompting Google to release security patches. Users are advised to ensure their browsers are updated to mitigate potential risks. Source: Cybersecurity News.
  2. Supermicro Servers Susceptible to Flaws in Baseboard Management Controller: Supermicro servers have been found vulnerable due to flaws in their baseboard management controller, tracked as CVE-2025-7937 and CVE-2025-6198. These vulnerabilities could allow attackers to replace firmware, posing significant security risks. Patches have been released, and users are urged to apply them immediately. Source: TechSpot.
  3. Google Warns Of Critical Security Flaws In Android 12-15: Google has alerted users to critical security vulnerabilities affecting Android versions 12 through 15. These flaws could enable remote code execution, making it crucial for users to update their devices promptly to the latest security patches provided by Google. Source: MSN.
  4. SolarWinds Fixes Critical Web Help Desk RCE Vulnerability (CVE-2025-26399): SolarWinds has addressed a critical remote code execution vulnerability in its Web Help Desk software, identified as CVE-2025-26399. This flaw could allow attackers to execute arbitrary commands on affected systems. Users are strongly encouraged to apply the hotfix to protect their systems. Source: Help Net Security.
  5. Libraesva Urges Users to Patch Now as It Issues Emergency Fix Following Attacks: Libraesva has released an emergency patch for a medium-severity vulnerability, CVE-2025-59689, following targeted attacks. The company advises users to apply the patch immediately to prevent potential exploitation. Automated updates are available to streamline the patching process. Source: TechRadar.

Podcasts

  1. AI Vulnerability Apocalypse: Petya & Dumb Cybersecurity Rules: This podcast episode from IBM's Security Intelligence delves into the evolving landscape of AI-driven ransomware, highlighting the rise of sophisticated threats like Petya. It also critiques ineffective cybersecurity regulations that fail to address modern challenges. The discussion provides insights into the end of the Scattered Lapsus$ Hunters and the implications for cybersecurity professionals. Source: IBM Security Intelligence.
  2. Cyber Chaos at Europe's Big Airports: Australian Aviation's podcast explores the recent cybersecurity disruptions at major European airports, examining the vulnerabilities that led to chaos. The episode provides a comprehensive analysis of the incidents, offering lessons learned and strategies for enhancing airport cybersecurity resilience. Source: Australian Aviation.
  3. Preparing for a Quantum Future: In this Security Magazine podcast, Samantha Mabey discusses the impending impact of quantum computing on digital security. The episode covers the challenges and opportunities presented by quantum technologies, emphasizing the need for proactive measures to safeguard sensitive data in a quantum-enabled world. Source: Security Magazine.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, remember that the digital landscape is ever-evolving, with threats lurking in every corner. From retail giants to agricultural fields, no sector is immune to the relentless pursuit of cyber adversaries. Our deep dive into the latest cyber threats, like the persistent vulnerabilities in retail and agriculture, highlights the importance of staying informed and vigilant. The stories we share are not just headlines; they are real-world challenges that demand our attention and action. Whether it's a critical patch for a SolarWinds vulnerability or a zero-day exploit in Google Chrome, each alert is a call to arms for cybersecurity professionals and enthusiasts alike. We urge you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively fortify our defenses and ensure a safer digital environment for everyone. Let's keep the conversation going and stay ahead of the threats together. Until tomorrow, stay secure and informed. And don't forget to subscribe to our breaking news email alerts to never miss out on the latest in cybersecurity. Share the knowledge, spread the word, and let's build a resilient cyber community.
