Cyber Daily 9/4: CISA Alerts on SunPower & TP-Link Flaws, Android's Massive Patch, Samsung's Security Overhaul

Welcome to today's edition of ONSEC Cyber Daily, where the digital world is under siege, and the battle for cybersecurity intensifies. In a dramatic twist, CISA has sounded the alarm on a critical vulnerability in SunPower devices, allowing attackers full access, while Wi-Fi range extenders and TP-Link devices are under active attack. Meanwhile, Android's latest security update rolls out a massive patch bundle to combat two zero-day vulnerabilities, as Samsung races to fix nearly 100 bugs in its Galaxy devices. As the cyber landscape evolves, new leaders emerge, with Stan Black and Leslie Nielsen stepping into pivotal roles at D-Wave Quantum and Mimecast, respectively. Stay informed and secure as we navigate these turbulent cyber waters together.
Exploits Alert
- CISA Warns of Critical SunPower Device Vulnerability: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about a critical vulnerability in SunPower PVS6 devices. This flaw allows attackers to gain full access to the device, posing significant risks to users. The vulnerability is under active exploitation, making immediate patching essential. Source: Cybersecurity News.
- US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack: A critical vulnerability in Wi-Fi range extenders is currently being exploited by attackers, according to a warning from a US cybersecurity agency. This flaw could allow unauthorized access to networks, emphasizing the need for users to update their devices promptly. The vulnerability's active exploitation highlights its severity and the urgency for remediation. Source: Security Week.
- CISA Alerts on TP-Link Authentication Flaw Under Active Exploitation: CISA has alerted users about a serious security hole in certain TP-Link devices, which is being actively exploited. This authentication flaw could allow attackers to bypass security measures and gain unauthorized access. Users are urged to apply available patches to mitigate potential risks. Source: GBHackers.
- Warning: Flaws in Copeland OT Controllers Can Be Leveraged by Threat Actors: Security flaws in Copeland OT controllers have been identified, which could be exploited by threat actors to disrupt operations. These vulnerabilities highlight the importance of robust patch management and the need for organizations to secure their operational technology environments. Immediate action is recommended to prevent potential cyberattacks. Source: CSO Online.
Vulnerabilities & Patches
- Critical Vulnerabilities Found in Android Versions 13 to 16, Security Patches Available: Researchers have discovered a critical vulnerability, CVE-2025-48539, in Android versions 13 to 16 that could lead to remote code execution. Google has released patches to address these security issues, urging users to update their devices immediately to mitigate potential risks.
- Android Rolls Out Largest Patch Bundle This Year Amid Exploitation of Two Critical Flaws: Android's latest patch bundle addresses two critical vulnerabilities, CVE-2025-38352 and another unnamed flaw, both of which were actively exploited in the wild. These vulnerabilities could allow attackers to gain elevated privileges, emphasizing the importance of applying the updates promptly.
- Google Patches Two Android Zero-Days, 120 Defects Total in September Security Update: Google's September security update fixes 120 vulnerabilities, including two zero-day flaws, CVE-2025-38352 and CVE-2025-48539, that were under active attack. The update also addresses numerous other security issues across various components, reinforcing device security.
- Chrome 140 Release Fixes Critical RCE Vulnerabilities: The latest Chrome update resolves six vulnerabilities, including a critical remote code execution flaw tracked as CVE-2025-9864. Users are advised to update their browsers to protect against potential exploitation of these security gaps.
- NVIDIA Patches Vulnerabilities Causing DoS, EoP, and Data Exposure: NVIDIA has released patches for several vulnerabilities, including CVE-2025-23256, which could lead to denial of service, elevation of privilege, and data exposure. Users are encouraged to apply these updates to safeguard their systems from potential threats.
Podcasts
- AI & Cyber Resilience: What Every C-Suite Must Know – Transformers Podcast | IBM: This episode of the Transformers podcast features Ann Funai and Mike Gowen discussing the intersection of sales, cybersecurity, and AI. They delve into how these elements are crucial for C-Suite executives to understand in order to enhance organizational resilience.
- Ransomware in the Rearview - CyberWire: This podcast episode provides a comprehensive look at the evolving landscape of ransomware threats. It includes insights from cybersecurity experts on how organizations can better prepare and respond to these persistent threats.
- Blizzard Warning: Amazon Freezes Midnight Hack - CyberWire: This episode explores the strategic path from policy to operational cyber defense, highlighting a recent incident involving Amazon. It offers a preview of the latest episode of "Only Malware," promising a deep dive into cybersecurity strategies.
- Nicholas Andersen Takes Helm of Cybersecurity at CISA - The Cyber Express: This episode from the Black Hat USA 2025 CISO Podcast Series features Nicholas Andersen's new role at CISA. It serves as a crucial resource for security leaders, offering insights into the latest cybersecurity strategies and leadership approaches.
- Human Based Cybersecurity Risks - Security Boulevard: Episode 48 of The Cybersecurity Vault discusses the human element in cybersecurity risks. With guest Wade Baker, the episode examines how human error can impact cybersecurity and offers strategies to mitigate these risks.
Final Words
As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is ever-evolving, with new vulnerabilities emerging at every turn. From the critical SunPower device flaw to the ongoing challenges with Android and TP-Link, staying informed is more crucial than ever. Remember, cybersecurity is a collective effort, and knowledge is our first line of defense. We encourage you to share this newsletter with your friends and colleagues. By spreading awareness, we can all contribute to a safer digital world. Let's stay vigilant and informed together. Until tomorrow, stay secure and keep your systems patched!