Cyber Daily 9/30: Michigan Schools' Cyber Vulnerability, CISA's New Exploits, GoAnywhere MFT Zero-Day, Korea's Cyber Alert Amid Data Center Fire

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In a world where digital vulnerabilities are as prevalent as ever, today's stories converge into a cautionary tale of cyber resilience. We begin in Michigan, where schools are urged to fortify their defenses against cyber vulnerabilities. Regular cybersecurity assessments are no longer optional but essential to safeguard educational institutions from potential breaches. Meanwhile, CISA has added five new exploited vulnerabilities to its catalog, urging organizations to prioritize their defenses against cyberattacks. The threat landscape intensifies as Bitsight reports active discussions on cybercriminal forums about the critical CVE-2025-10035 vulnerability in GoAnywhere MFT, signaling a potential surge in exploitation. Businesses are also on high alert, with System Force IT highlighting ten warning signs of cyber vulnerability. Across the globe, the National Intelligence Service in Korea raises the cyber threat alert to 'caution' following a data center fire, underscoring the fragility of our interconnected systems. Meanwhile, Google and Cisco are in a race against time to patch critical security flaws in Android and IOS software, respectively. As we navigate these turbulent waters, the message is clear: vigilance and proactive measures are our best defense against the ever-evolving cyber threats. Stay informed, stay secure, and join us as we delve deeper into these pressing issues in today's ONSEC Cyber Daily.

Exploits Alert

  1. Critical Vulnerability Alert: CVE-2025-10035 in GoAnywhere MFT. A critical vulnerability identified as CVE-2025-10035 in GoAnywhere MFT has been gaining traction on cybercriminal forums, suggesting a potential increase in exploitation attempts. Organizations using this software are urged to apply patches promptly to mitigate risks. Source: Bitsight
  2. NIS Elevates Cyber Threat Alert to 'Caution' in Wake of Data Center Fire. Following a data center fire, the National Intelligence Service (NIS) in Korea has raised the cyber threat alert to 'caution'. This precautionary measure aims to prevent potential cyberattacks targeting vulnerable systems during the recovery phase. Source: Korea JoongAng Daily
  3. National Cyber Crisis Alert Raised to 'Caution' Following NIRS Data Center Fire. In response to the NIRS data center fire, a national cyber crisis alert has been elevated to 'caution'. Authorities are on high alert for any signs of cyberattacks or network disruptions, urging immediate reporting of unusual activities. Source: 아시아경제
  4. Smelser: Michigan Schools Can't Afford to Be Cyber Vulnerable. Michigan schools are being urged to conduct regular cybersecurity assessments to protect against potential cyber threats. This includes audits of network infrastructure and ensuring alert systems are secure. Source: The Detroit News
  5. CISA Adds Five Known Exploited Vulnerabilities to Catalog. CISA has added five new vulnerabilities to its catalog of known exploited vulnerabilities, urging organizations to prioritize mitigation efforts. This proactive approach aims to reduce exposure to cyberattacks across various sectors. Source: CISA

Vulnerabilities & Patches

  1. Critical Security Flaw in MyCourts: What Tennis Clubs Need to Know: A high-severity stored XSS vulnerability (CVE-2025-57424) has been identified in the MyCourts tennis booking platform, potentially allowing attackers to inject malicious scripts. This vulnerability could lead to unauthorized access to user data and manipulation of booking systems. Tennis clubs using MyCourts are advised to apply the latest patches immediately to safeguard their systems. Source: Latest Hacking News
  2. Google Warns Of Critical Security Flaws In Android 12-15: How To Protect Your Devices: Google's January security bulletin highlights several critical vulnerabilities in Android versions 12 to 15, which could allow attackers to execute malicious code remotely. Users are urged to update their devices to the latest security patches to mitigate potential risks. These vulnerabilities underscore the importance of regular software updates for mobile security. Source: MSN
  3. Cisco warns zero-day vulnerability exploited in attacks on IOS software: Cisco has patched a high-severity SNMP vulnerability (CVE-2025-20352) in its IOS software, which was being actively exploited in the wild. This flaw could allow attackers to cause a denial of service (DoS) or gain root access using crafted SNMP packets. Organizations using Cisco IOS are strongly advised to apply the patch to protect their networks. Source: MSN
  4. Critical Vulnerability Alert: CVE-2025-10035 in GoAnywhere MFT: A critical command injection vulnerability (CVE-2025-10035) in GoAnywhere MFT has been identified, allowing attackers to execute arbitrary commands via the license servlet. This zero-day flaw was exploited before its public disclosure, emphasizing the need for immediate patching and monitoring of systems using GoAnywhere MFT. Source: Bitsight
  5. Fortinet FortiWeb _cmf_get_config_file_path Directory Traversal Information Disclosure: The directory traversal vulnerability (CVE-2025-53609) in Fortinet FortiWeb allows remote attackers to access sensitive configuration files. This flaw could lead to unauthorized information disclosure, posing a significant risk to affected systems. Fortinet users are advised to implement the latest security updates to mitigate this threat. Source: SystemTek

Podcasts

  1. CISO Series Podcast LIVE in NYC (10-23-25): The CISO Series Podcast is taking its engaging cybersecurity discussions to New York City for a live recording session. This event promises to bring together industry experts and enthusiasts for an insightful episode, recorded at Mimecast. Attendees can expect lively debates and expert insights into the latest cybersecurity trends. Source: CISO Series
  2. Attackers Don't Break In Anymore. They Login With Unmanaged Non-Human Identities.: This podcast series from Cybercrime Magazine delves into the evolving tactics of cybercriminals who now exploit unmanaged non-human identities to infiltrate systems. Featuring daily episodes, it highlights real-world cases and expert opinions on how organizations can bolster their defenses against these sophisticated threats. Source: Cybercrime Magazine
  3. Dutch Espionage Arrest, DOD Risk Framework, Oyster Malvertising - CISO Series: This episode of the CISO Series Podcast covers a range of pressing cybersecurity issues, including a recent Dutch espionage arrest and the Department of Defense's risk management framework. The discussion also touches on the emerging threat of Oyster malvertising, providing listeners with a comprehensive overview of current cybersecurity challenges. Source: CISO Series
  4. Milestone Episode 400: Reflecting on 16 Years of Shared Security: Celebrating its 400th episode, the Shared Security Podcast reflects on 16 years of cybersecurity discussions and insights. This milestone episode revisits key topics and moments from the podcast's history, offering listeners a nostalgic yet informative journey through the evolution of cybersecurity. Source: Security Boulevard

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is ever-evolving, and staying informed is our best defense. From Michigan schools needing robust cybersecurity measures to the latest vulnerabilities being exploited, the message is clear: vigilance is key. Whether it's ensuring your systems are up-to-date or sharing critical alerts with your network, every action counts in fortifying our digital world. We encourage you to share this newsletter with friends and colleagues who could benefit from staying informed about the latest in cybersecurity. Together, we can build a community that's not just aware, but prepared. Until tomorrow, stay safe and cyber-aware!
