Latest

Cyber Daily 10/28: CISA Warns on Veeder-Root & WSUS Flaws, OpenAI & WhatsApp Vulnerabilities Exploited

Welcome to the ONSEC Cyber Daily for October 28, where today's cybersecurity landscape unfolds like a high-stakes thriller. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on critical vulnerabilities in Veeder-Root systems, potentially allowing attackers to execute system commands with ease. Meanwhile, a newly discovered

Cyber Daily 10/9: Chrome & GoAnywhere Flaws Exploited, CISA Warns on Zimbra, Microsoft Alerts on Lua Vulnerabilities

Welcome to the ONSEC Cyber Daily, where today's digital landscape unfolds with urgency and intrigue. As the cyber world buzzes with activity, CERT-In has issued a critical alert for Chrome users, urging immediate updates to thwart potential cyberattacks. Meanwhile, the Medusa ransomware is exploiting a critical GoAnywhere vulnerability,

Cyber Daily 10/8: CISA Alerts on Windows & Oracle Flaws, State Agencies Vulnerable, Redis RCE Threat Looms

Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is as turbulent as ever. As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) sounds the alarm on a critical Windows flaw actively exploited by cybercriminals, state agencies are failing cyber safety tests, prompting auditors

Cyber Daily 10/7: Oracle E-Business Suite Zero-Day Exploited, FBI & UK Urge Patching, AI's Role in Cyber Defense, Microsoft Warns of Windows 10 Vulnerability

Welcome to the ONSEC Cyber Daily for October 7, 2025. Today's issue dives into the unfolding saga of CVE-2025-61882, a critical vulnerability in Oracle's E-Business Suite that has sent shockwaves through the cybersecurity community. As cybercriminal forums buzz with chatter, organizations worldwide, including hospitals, are urged

Cyber Daily 10/3: US Cyber Agency Shutdown Risks, Google Clop Alert, Apple Urgent Update, OpenSSL Bugs Patched

Welcome to the ONSEC Cyber Daily, where today's headlines weave a complex narrative of vulnerability and urgency. As the government shutdown sidelines key cybersecurity personnel, the nation's critical infrastructure stands exposed, raising alarms about potential threats to our electric grid and water supply. Meanwhile, hackers have

Cyber Daily 10/1: CISA Alerts on Libraesva & Sudo Flaws, China Exploits VMware, Hackers Target Palo Alto

Welcome to the ONSEC Cyber Daily for October 1, 2025. Today's issue dives into a web of vulnerabilities and exploits that are shaking the cybersecurity landscape. CISA has issued a critical alert on the active exploitation of the Libraesva ESG Command Injection vulnerability, a threat that is already

Cyber Daily 9/30: Michigan Schools' Cyber Vulnerability, CISA's New Exploits, GoAnywhere MFT Zero-Day, Korea's Cyber Alert Amid Data Center Fire

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In a world where digital vulnerabilities are as prevalent as ever, today's stories converge into a cautionary tale of cyber resilience. We begin in Michigan, where schools

Cyber Daily 9/25: Retail & Agriculture Under Siege, SolarWinds & Chrome Vulnerabilities Unveiled

Welcome to the ONSEC Cyber Daily for September 25th, where today's headlines weave a compelling narrative of digital vulnerability across industries. We begin with an alert that has sent ripples through the retail sector, uncovering a persistent cyberthreat that has already impacted 60% of companies. Meanwhile, the agricultural

Cyber Daily 9/11: Microsoft Patch Frenzy, SonicWall Exploit, Kikimora's AI Defense, Chrome's Critical Fix

Welcome to today's edition of ONSEC Cyber Daily, where the digital realm's latest developments unfold into a gripping narrative of innovation and vulnerability. As the cybersecurity landscape evolves, Kikimora steps into the spotlight with the launch of Kikimora Agent, an AI-powered platform designed to fortify SMEs

Cyber Daily 9/10: EU Logistics Cyber Threats, Chrome RCE Patch, Adobe Commerce Flaw, Microsoft Patch Tuesday - A Unified Call for Cyber Resilience

Welcome to today's edition of ONSEC Cyber Daily, where the digital and physical worlds collide in a tale of resilience and vulnerability. As Europe grapples with logistics bottlenecks, cyberattacks, and geopolitical disruptions, the industrial sector stands at a crossroads, demanding robust defenses against systemic risks. Meanwhile, the digital

Cyber Daily 9/9: Cyberbay Warns Energy Sector, UAE's Smart Home Vulnerabilities, SAP S/4HANA Flaw Exploited, Firewall Bypass Research

Welcome to the ONSEC Cyber Daily for September 9th, where today's headlines weave a cautionary tale of vulnerabilities and defenses in the digital age. As the energy sector braces for potential cyber onslaughts, experts like Felix Kan of Cyberbay sound the alarm on aging infrastructures. Meanwhile, researchers have

Cyber Daily 9/8: UAE Smart Home Vulnerability Warning, Commvault's Cyber Resilience Boost, Salesloft Drift Breach Impact, FBI's Cyberattack Combating Strategies

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity developments shaping our digital landscape. In a world where 70% of smart home devices in the UAE stand vulnerable to cyberattacks, a stark warning from the Cyber Security Council underscores the urgent

Cyber Daily 9/7: SAP & Android Vulnerabilities Exploited, TP-Link Flaws Threaten Microsoft 365 Security

**ONSEC Cyber Daily: September 7, 2025** Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is anything but quiet. Our top story unfolds like a thriller, with hackers actively exploiting a critical SAP vulnerability, CVE-2025-42957, putting countless systems at risk. Veteran cybersecurity reporter Deeba from

Cyber Daily 9/6: Android & SAP Flaws Exploited, CISA Urges Patching, Czech Warns of China Data Theft, Bridgestone Hit by Cyberattack

Welcome to the ONSEC Cyber Daily for September 6th, where the digital battlefield is more active than ever. Today, we delve into a world where vulnerabilities are the new weapons, and patches are the shields. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical

Cyber Daily 9/5: Cisco ASA & SAP S/4HANA Exploits, Sitecore Zero-Day Threats, Google Patches Android Flaws

Welcome to the ONSEC Cyber Daily for September 5th, where today's digital landscape is a battlefield of vulnerabilities and exploits. Hackers are aggressively scanning Cisco ASA devices, leveraging a staggering 25,000 IPs to exploit known weaknesses. Meanwhile, GreyNoise's early warning system is on high alert,

Cyber Daily 9/12: Akira Ransomware Exploits SonicWall Flaw, ACSC Alerts Australia; Norton Shields SMBs from Dark Web Threats

**ONSEC Cyber Daily: September 12, 2025** In today's edition, we unravel a web of cyber threats that are shaking the digital landscape. The Australian Cyber Security Centre (ACSC) has issued a stark warning about the Akira ransomware, which is aggressively targeting Australian organizations. This threat is compounded by

Cyber Daily 9/13: Blockstream's Bitcoin Phishing Alert, SonicWall Ransomware Surge, Panama's Cyber Breach, Samsung's Zero-Day Patch

Welcome to the ONSEC Cyber Daily for September 13, 2025. Today, we dive into a digital battlefield where vulnerabilities are the frontline. Blockstream raises the alarm on phishing threats, revealing the human Achilles' heel in Bitcoin's armor. Meanwhile, SonicWall firewalls face a relentless Akira ransomware surge, exploiting

Cyber Daily 9/14: FBI Warns of Salesforce Vishing, Google & Samsung Tackle Android Vulnerabilities

**ONSEC Cyber Daily - September 14, 2025** Welcome to today's edition of ONSEC Cyber Daily, where we unravel the tangled web of cyber threats and defenses. In a world where a single click can lead to chaos, police are urging students to stay vigilant against suspicious links as

Cyber Daily 9/15: Microsoft Zero-Day, Asia Cyber-Scams, Commvault's Early Warning, GitHub Desktop Threats

**ONSEC Cyber Daily - September 15, 2025** Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and defenses shaping our digital world. In this issue, we delve into the shadowy operations of cyber-scam camps migrating to vulnerable nations, as identified

Cyber Daily 9/16: FBI Warns of Salesforce OAuth Exploits, WhatsApp Flaw on Windows, Samsung Galaxy Security Patch, IBM QRadar Vulnerability

**ONSEC Cyber Daily: September 16, 2025** Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is ever-evolving, and vigilance is key. Today, we unravel a web of cyber threats that span from sophisticated Salesforce exploits to vulnerabilities lurking in your everyday devices. The FBI has

Cyber Daily 9/17: AI Server Risks, Salesforce Targeted, Apple & Microsoft Patch Frenzy, Passwordless Future

**ONSEC Cyber Daily: September 17, 2025** Welcome to today's edition of ONSEC Cyber Daily, where we unravel the tangled web of cyber threats lurking in the shadows. In this issue, we dive into the critical vulnerabilities that small and medium enterprises (SMEs) must guard against, starting with the

Cyber Daily 9/18: Chrome & Apple Vulnerabilities Exposed, Canada Cybersecurity Bill Risks, SMEs Under Siege

Welcome to the ONSEC Cyber Daily for September 18, 2025. Today, we dive into a web of vulnerabilities that are shaking the digital world. From Nigeria to Canada, and across the globe, cybercriminals are exploiting weaknesses in our most trusted devices and platforms. The Nigerian Data Protection Commission (NDPC) has

Cyber Daily 9/4: CISA Alerts on SunPower & TP-Link Flaws, Android's Massive Patch, Samsung's Security Overhaul

Welcome to today's edition of ONSEC Cyber Daily, where the digital world is under siege, and the battle for cybersecurity intensifies. In a dramatic twist, CISA has sounded the alarm on a critical vulnerability in SunPower devices, allowing attackers full access, while Wi-Fi range extenders and TP-Link devices

Cyber Daily 8/1: Microsoft SharePoint Breach, iOS Vulnerabilities, Fermilab Cyberattack, GreyNoise Research on Hacker Activity

ONSEC Cyber Daily: August 1st Edition. Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In a world where vulnerabilities lurk in the shadows, today's issue is a clarion call to action. From the looming specter

Cyber Daily 7/31: AI Solves Cybersecurity, Africa Faces AI Threat, Microsoft SharePoint Exploit, Apple Patches Chrome Zero-Day

Welcome to the ONSEC Cyber Daily for July 31, 2025, where today's headlines weave a compelling narrative of innovation, vulnerability, and resilience in the ever-evolving cybersecurity landscape. NYU Tandon researchers have unveiled an AI agent capable of autonomously tackling cybersecurity challenges, a beacon of hope amidst a sea

Cyber Daily 7/23: UK Bans Ransomware Payments, Chinese Hackers Exploit SharePoint Flaws, Microsoft Scrambles to Patch, Global Cybersecurity Alert

ONSEC Cyber Daily: July 23, 2025. Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is more intense than ever. The United Kingdom has taken a bold step to combat ransomware by banning public sector payments, sending a strong message to cybercriminals worldwide. Meanwhile, a

Cyber Daily 7/24: Microsoft SharePoint Breach, US Nuclear Hack, AI Vulnerabilities, China Exploits

Welcome to today's edition of ONSEC Cyber Daily, where the digital world is under siege. In a dramatic turn of events, a critical SharePoint vulnerability, CVE-2025-53770, with a staggering CVSS score of 9.8, has sent shockwaves through the cybersecurity community. This flaw has not only prompted an

Cyber Daily 7/21: Microsoft Faces Global Cyberattack, SharePoint Zero-Day Exploited, Urgent Patches Issued, 7-Zip Vulnerability Crashes Systems

ONSEC Cyber Daily - July 21, 2025 Welcome to today's edition of ONSEC Cyber Daily, where we unravel the latest in the world of cybersecurity. Today, we delve into a gripping narrative of digital warfare, as Microsoft finds itself at the epicenter of a relentless cyber onslaught. A

Cyber Daily 7/20: SharePoint 0-Day, US Train Brake Flaw, CrushFTP Exploit, Fortinet SQL Injection - A Web of Vulnerabilities Unfolds

ONSEC Cyber Daily: July 20, 2025. Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is more intense than ever. Our top story reveals a chilling narrative of cyber threats that are not just knocking at the door but breaking it down. A newly discovered

Cyber Daily 7/25: Microsoft SharePoint Zero-Day Exploited Globally, Chinese Hackers Deploy Ransomware, US Agencies Targeted, Urgent Patches Released

ONSEC Cyber Daily - July 25, 2025. Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities shaping our digital landscape. Today, we dive into a rapidly escalating cyber campaign that has taken the world by storm. A critical

Cyber Daily 7/22: Microsoft SharePoint Zero-Day Exploited Globally, CISA Issues Urgent Alert, Emergency Patches Released, Agencies Race to Mitigate Vulnerability

Welcome to the ONSEC Cyber Daily for July 22, 2025. Today, we dive into a critical narrative unfolding in the cybersecurity world. A zero-day vulnerability has been discovered in Microsoft SharePoint servers, leading to a wave of global cyberattacks. Microsoft has issued an urgent alert and released emergency patches to

Cyber Daily 7/16: Nvidia GPUs & US Trains Vulnerable, UK Launches Cyber Research, Microsoft Patches 130+ Flaws

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of vulnerabilities threatening our digital and physical worlds. Today, we dive into a chilling narrative of interconnected threats that span from the heart of our technological infrastructure to the very rails that carry our

Cyber Daily 7/17: Vim Vulnerability, AI Phishing, CISA Train Warning, WordPress Alert - A Unified Threat Landscape

Welcome to the ONSEC Cyber Daily, where today's issue unravels a web of vulnerabilities that could redefine your digital safety. From the Vim Command-Line Editor's alarming flaw allowing attackers to overwrite sensitive files, to AI phishing exploits manipulating trust in Gmail and MS 365, the cyber

Cyber Daily 7/15: CitrixBleed 2 Exploits, Train Brake Vulnerability, Gmail Hack Alert, FortiWeb RCE Threats - A Global Cybersecurity Crisis Unfolds

Welcome to the ONSEC Cyber Daily for July 15th, where today's headlines weave a chilling narrative of vulnerabilities and exploits that could redefine the landscape of cybersecurity. As CitrixBleed 2 emerges from the shadows, echoing the chaos of its predecessor, organizations worldwide brace for impact. Meanwhile, a stark

Cyber Daily 7/10: Citrix NetScaler Breach, ServiceNow Vulnerability, Chinese Hackers Target Microsoft, Cyber-Risks in Water Sector

Welcome to the ONSEC Cyber Daily for October 7, 2025. Today's issue weaves a narrative of vulnerabilities and resilience in the ever-evolving cyber landscape. We begin with a critical security alert on Citrix NetScaler, highlighting a vulnerability (CVE-2025-5777) that demands immediate attention. As we delve deeper, the water

Cyber Daily 7/9: Windows Vulnerability Alarms, AI Protocols Under Siege, CISA Alerts on Exploits, CyberArk's Security Insights

Welcome to the ONSEC Cyber Daily for July 9, 2025. Today, we dive into a whirlwind of vulnerabilities shaking the cybersecurity landscape. From a critical Windows flaw causing ripples of concern among experts to the revelation of security gaps in the Agentic AI Protocol, the digital world is on high

Cyber Daily 7/8: CitrixBleed 2 Exploits Unleashed, Australia Urges Action, CISA's New Vulnerability Alerts, Chinese Apps Privacy Risks

Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is more volatile than ever. As Citrix's Netscaler vulnerabilities deepen with the release of proof-of-concept exploits, organizations worldwide are on high alert. The Australian Cyber Security Centre has issued an urgent "Act Now&

Cyber Daily 7/3: Qantas Breach, ModSecurity WAF Vulnerability, Healthcare Data Risks, Chrome Zero-Day Exploit

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the tangled web of cyber threats lurking in the shadows of our digital world. Today, we dive into a narrative that connects the dots between healthcare's ticking time bomb of data privacy risks and the

Cyber Daily 7/2: Iranian Cyber Threats Target US Infrastructure, Chrome Zero-Day Exploited, Citrix Vulnerabilities Exposed

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and defenses. Today's spotlight is on a looming cyber storm brewing from the East. Iranian cyber actors are sharpening their digital swords, posing a significant threat to U.S.

Cyber Daily 7/1: Iranian Attacks on US Networks, Glasgow Scam Alert, Citrix Vulnerability Exploited, RBI Urges Zero-Trust

In today's edition, we unravel a web of cyber threats that span continents and industries, painting a vivid picture of the digital battlefield. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on potential Iranian cyberattacks targeting vulnerable U.S. networks, urging heightened vigilance. Meanwhile, Glasgow

Cyber Daily 6/27: CISA Alerts on D-Link, ControlID, HPE, AMI, IBM, Cisco, Citrix Flaws; Cybercriminals Exploit Vulnerabilities in Global Tech Giants

Welcome to the June 27th edition of ONSEC Cyber Daily, where today's headlines weave a tale of vulnerabilities and urgent warnings. The Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on a series of critical vulnerabilities, from D-Link routers to ControlID's iDSecure software, each

Cyber Daily 6/26: CitrixBleed 2 Exploits, Firefox 140 Patch, Iranian Hackers Target US, Patch Cycles vs. Exploit Kits

Welcome to the June 26th edition of ONSEC Cyber Daily, where today's headlines weave a tale of digital intrigue and urgency. As Firefox 140 rolls out a crucial update to patch a code execution vulnerability, the cyber landscape is abuzz with vulnerabilities across platforms, from macOS to Android.

Cyber Daily 6/24: China Exploits Cisco in Canada, Citrix Patches, NCSC Warns on Fortinet, Apple Silently Fixes iOS Flaw

Welcome to the June 24th edition of ONSEC Cyber Daily, where today's headlines weave a tale of global cyber intrigue. The spotlight shines on a China-linked group, Salt Typhoon, exploiting a critical Cisco vulnerability to target Canadian telecoms, prompting urgent advisories from both the Canadian Centre for Cyber

Cyber Daily 6/25: Healthcare Under Siege, CISA's Memory Fix, Notepad++ Exploit, Chinese Salt Typhoon Targets Canada

Welcome to the June 25th edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities shaping our digital landscape. Today, we delve into the escalating cyber crisis plaguing the healthcare sector, where hospitals and insurers find themselves under siege from relentless cyberattacks. As the

Cyber Daily 6/19: North Korea's Hiring Hack, Fake CAPTCHA Malware, Siemens ICS Alert, Lazarus Hits South Korea

Welcome to the June 19th edition of ONSEC Cyber Daily, where the digital battlefield is ever-evolving, and today's headlines weave a narrative of heightened vigilance and strategic defense. As hiring processes transform into unforeseen cybersecurity vulnerabilities, organizations must brace for the unexpected. The U.S. Department of the

Cyber Daily 6/18: US-Canada Disrupt Ethereum Scam, Tehran's Cyber Retaliation Looms, TP-Link & iOS Flaws Exploited, Chrome Zero-Day Backdoor Threat

Welcome to the June 18th edition of ONSEC Cyber Daily, where we unravel the intricate web of today's most pressing cybersecurity developments. In a groundbreaking move, the US and Canada have joined forces to dismantle a sophisticated Ethereum blockchain "approval phishing" scam, marking a new era

Cyber Daily 6/17: TP-Link & iOS Exploits, Microsoft & Langflow Patches, Sitecore RCE Threats

Welcome to the June 17th edition of ONSEC Cyber Daily, where today's headlines weave a tale of digital urgency and defense. As cyber threats loom large, CISA has sounded the alarm on a critical TP-Link router flaw, CVE-2023-33538, now under active exploitation. Meanwhile, a zero-click vulnerability in iOS

Cyber Daily 6/9: 72% Indian Firms Targeted, AI-Driven Scams Surge, Google Chrome & Windows Vulnerabilities, Patch Tuesday Forecast

Subject: ONSEC Cyber Daily: The AI Threat Lurking in Your Inbox Good Morning, In today's issue of ONSEC Cyber Daily, we delve into the alarming rise of cyberattacks in India, where a staggering 72% of organizations have been targeted. The weapon of choice? Artificial Intelligence (AI), enabling stealthier

Cyber Daily 6/4: Proactive Threat Management Revolution, Safari XSS Flaw, Algerian Hackers Target Morocco, Samsung and Google Patch Critical Vulnerabilities

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the evolving landscape of cybersecurity strategies, where proactive threat management is becoming the new norm. We'll explore how cybercriminals are leveraging advanced persistent threats, AI-driven phishing, and deepfake-based social engineering techniques to breach

Cyber Daily 6/2: iPhone Vulnerability Alert, $37M Crypto Heist Exploiting SIM Flaws, 184M Passwords Leaked, AI Cyber Risks & Patch Management

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlpool of vulnerabilities, cyber threats, and the evolving landscape of cybersecurity. First up, a red alert for all iPhone users: Safe Data Storage has issued a warning about a potential vulnerability in your devices. Don't

Cyber Daily 6/6: Wireshark, IBM Tivoli Vulnerabilities; Android 13+ Malware Bypass; TSA, Google Cybersecurity Warnings; Cisco, VMware, HPE, Qualcomm Patches; Heimdal Podcast

Welcome to today's issue of ONSEC Cyber Daily, where we're diving into the latest cybersecurity threats and defenses. We're starting with a critical Wireshark vulnerability that could enable DoS attacks through malicious packet injection. Meanwhile, Android 13+ is under threat as cybercriminals use malware

Cyber Daily 6/5: EU's New Vulnerability Database, Neuroscience Battles Alert Fatigue, Cisco's IOS XE Flaw, CISA's ICS Advisories, Google's Emergency Chrome Patch, Qualcomm's Security Flaws

Welcome to the latest issue of ONSEC Cyber Daily, your one-stop source for all things cybersecurity. Today, we're diving into the EU's new European Vulnerability Database (EUVD), a significant step towards enhancing cybersecurity and supporting risk assessment and incident response. But it's not just

Cyber Daily 6/3: Linux Passwords at Risk, SMEs Face Unprecedented Attacks, Critical Vulnerabilities in vBulletin and Consilium Fire Panel, Qualcomm Urges Patching of Adreno GPU Flaws

Welcome to the ONSEC Cyber Daily for June 3rd, 2025. Today, we're navigating the sea of alerts to prioritize vulnerabilities that are making waves in the cybersecurity landscape. Small and medium-sized enterprises (SMEs) are under siege, with unprecedented cyberattacks threatening their operations. Veteran cybersecurity writer, Davey Winder, warns

Cyber Daily 5/30: Santesoft Vulnerability, Urgent iOS Update, NHS Cyberattacks, Asus Router Compromise, Google Chrome Patch, Podcast Highlights

Welcome to your ONSEC Cyber Daily for May 30th. Today, we're diving into a whirlwind of vulnerabilities, patches, and cyberattacks that are shaking the tech world. First up, we have a critical vulnerability in Santesoft's Sante DICOM Viewer Pro that could allow attackers to disclose information

Cyber Daily 5/29: Toll Fee Scams Alert, XenServer VM Flaw, WooCommerce Plugin Vulnerability, Ivanti NHS Data Risk, Pakistan's Massive Data Breach, Google Chrome & ASUS Updates

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a series of alarming cybersecurity developments that have surfaced across the globe. First up, we're discussing a new warning issued over toll fee scams, a deceptive practice that's causing havoc for unsuspecting victims. In

Cyber Daily 5/28: DragonForce Ransomware Exploits SimpleHelp, Pakistan's 180M User Data Breach, Microsoft's Critical Security Flaws, Adobe's Remote Code Execution Vulnerability

Welcome to your daily dose of ONSEC Cyber Daily, where we bring you the most critical cybersecurity updates. Today, we're diving into the world of ransomware, as DragonForce hackers exploit SimpleHelp vulnerabilities. We'll also be discussing the appointment of Shane Barney as the new Chief Information

Cyber Daily 5/27: Chinese Hackers Target US via Cityworks Exploit, vBulletin Forum Vulnerability Exposed, India's Microsoft Security Alert, Oracle TNS Flaw, Patch Updates for Ivanti, Fortinet, Linux Kernel

Good Morning ONSEC Cyber Daily Readers, In today's issue, we're diving into a series of critical cybersecurity alerts and vulnerabilities that are making headlines. Chinese hackers are exploiting a 0-Day vulnerability in Cityworks, a platform widely used by US local governments. This comes as Cisco Talos

Cyber Daily 5/22: Apple's AirBorne Flaw Threatens iPhones, Attaxion Teams Up with ENISA, SideWinder Exploits Legacy Office Vulnerabilities, Cybersecurity Podcasts Gain Traction

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we're sounding the alarm on a massive security flaw found in Apple devices. The vulnerability, ominously dubbed "AirBorne," has security researchers urging iPhone users to disable

Cyber Daily 5/19: Ankit Tiwari Cyber Attack, High-Severity Alert for Chrome Users, AI Widening Cybersecurity Gaps in Morocco, Microsoft Patches Exploited Vulnerabilities

Subject: ONSEC Cyber Daily - Celebrity Cyber Attack, Chrome Alert, AI Cybersecurity Gaps, and More Hello ONSEC readers, In today's issue, we're hitting some high notes with a story about a cyber attack against popular Indian singer, Ankit Tiwari. As India faces increasing geopolitical tensions, cybercriminals

Cyber Daily 5/23: Firefox, Chrome Vulnerabilities Alert by NCERT, German Cyber Agency Warns of Grid Threats, WhatsApp Security Flaws, Chinese Hackers Exploit Cityworks Bug, Multiple CVEs Patched

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where vulnerabilities are lurking in every corner. From Firefox and Chrome being susceptible to cyber threats, as warned by NCERT, to the German Federal Office for Information Security sounding the alarm on grid

Cyber Daily 5/21: FBI Warns of Router Exploits, National Defense at Cyber Risk, AI in Telecom Cybersecurity, Multiple CVE Patches, Cybersecurity Podcasts Trending

Good morning ONSEC Cyber Daily readers! In today's issue, we're diving into the deep end of cybersecurity, starting with the increasing risks to national defense from cyberattacks. We'll explore how the FBI is warning of cyber actors exploiting end-of-life routers, a threat that hit

Cyber Daily 5/20: iPhone AirPlay Flaws, UK's AI Cybersecurity Codes, Healthcare Cyber Threats, CISA Alerts Discontinued, Toaster Hacking in UK, Google Chrome Vulnerabilities, EU's Vulnerability Database, Patch Tuesday Updates, Cybersecurity Podcasts

Welcome to your ONSEC Cyber Daily dose for May 20th. Today, we're diving into a sea of vulnerabilities and warnings that are making waves across the globe. First up, iPhone users, beware! A critical flaw has been discovered in Apple's AirPlay feature, putting 1.8 billion

Cyber Daily 5/16: SonicWall and Ivanti Vulnerabilities, CISA Alerts on Windows and Fortinet Exploits, Google and India Warn Android Users

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a whirlwind of vulnerabilities and patches that have been making waves in the cyber world. SonicWall has confirmed an encoded URL server-side request forgery vulnerability, while the Australian Signals Directorate (ASD) has issued an alert

Cyber Daily 5/15: SK audits for vulnerabilities, ASD alerts on Ivanti Endpoint Manager, FBI warns on router risks, UAE acts on Microsoft flaws, Patch Tuesday tackles multiple CVEs

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where cybersecurity vulnerabilities are being audited, alerts are being issued, and urgent warnings are being sounded. From SK's decision to audit all affiliates for cybersecurity vulnerabilities to the Australian Signals Directorate&

Cyber Daily 5/14: CISA Warns of TeleMessage Vulnerability, Chinese Hackers Exploit SAP, Oracle Cloud Hosts eQure's Cybersecurity Platform, EU Launches Vulnerability Database

Welcome to today's issue of ONSEC Cyber Daily. We're diving into the world of cybersecurity, where vulnerabilities are the name of the game. From the CISA warning about a TeleMessage vulnerability to the launch of eQure's Ground-Truth Cybersecurity Platform on Oracle Cloud Infrastructure, it&

Cyber Daily 5/13: FBI and Indian Govt Warn of Cyber Vulnerabilities, Automation in Vulnerability Management, Proxy Botnets Takedown, Apple and Asus Patch Critical Flaws

Welcome to your daily dose of ONSEC Cyber Daily, where we keep you updated on the latest cybersecurity news. Today, the FBI has issued a major warning for phone and computer users, highlighting the risk of cyber actors exploiting known vulnerabilities. This comes on the heels of an alert from

Cyber Daily 5/9: FBI Warns of Old Router Vulnerabilities, UK Encryption Backdoor Sparks Concern, Microsoft Bookings and Cisco IOS Vulnerabilities, AI Supercharges Cyber Threats

Welcome to the ONSEC Cyber Daily! Today's issue is a wake-up call for all of us. The FBI has warned that old routers are vulnerable to hackers, and proxy services like Anyproxy and 5Socks have been accused of aiding cybercriminals. Meanwhile, US lawmakers are slamming the UK'

Cyber Daily 5/8: End of Life Routers Exploited, IBM Cognos Analytics Vulnerability, Rising Threats to OT Systems, SAP NetWeaver Under Attack

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we delve into the world of cybercriminals exploiting end-of-life routers and the vulnerabilities they leave behind. We'll also discuss the critical security advisory issued by IBM regarding its Cognos Analytics platform. In

Cyber Daily 5/7: BTMOB RAT Threatens Moroccan Users, Retailers Bolster Cybersecurity, Android's Critical Patch for CVE-2025-27363, Exploited Vulnerabilities in Samsung and SonicWall

Welcome to today's issue of ONSEC Cyber Daily. We're diving deep into the world of cyber threats and vulnerabilities, starting with the BTMOB RAT virus that's causing havoc for Moroccan users. We'll explore how cybercriminals are using this "Malware-as-a-Service" to

Cyber Daily 5/6: CISA Alerts on Langflow Exploit, Cyber Onslaught on Indian Defence, SonicBoom Bypasses Login, Google & MediaTek Patch Flaws, AI in Medical Device Security

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a series of alerts and vulnerabilities that are shaking up the cybersecurity landscape. First up, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about an actively exploited vulnerability in Langflow. This

Cyber Daily 5/1: SAP, M&S, Co-op Vulnerabilities, DNA Hacking Threats, CISA's Broadcom, Commvault Alert, AI in Cybersecurity, Apple AirPlay Patch, Cybersecurity Podcasts

Welcome to the 5/1 issue of ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into the growing challenge of managing cybersecurity fatigue among CISOs and their teams. We'll also be discussing the recent security alert regarding the SAP

Cyber Daily 5/2: M&S Cyber Attack Disrupts Supply, SonicWall VPN Exploits, SK Telecom Breach Linked to China, World Password Day Insights, Tesla & Netgear Vulnerabilities Patched

Welcome to the May 2nd edition of ONSEC Cyber Daily, your daily dose of cybersecurity news and updates. Today, we delve into the major cyber attack that left M&S Percy Pig fans in disarray and exposed critical vulnerabilities. We also explore the new wave of VPN exploits targeting

Cyber Daily 4/30: NetApp Boosts Storage Layer Security, Cybersecurity Firms Under Siege, CISA Alerts on Commvault, Brocade Vulnerabilities, Chrome and Apache Patch Updates

Welcome to your daily dose of cybersecurity updates from ONSEC Cyber Daily. Today, we delve into the escalating threats in the cyber world, with NetApp advancing cybersecurity at the storage layer to counter automated attacks and the advent of quantum computing. However, even cybersecurity companies are not immune to these

Cyber Daily 4/29: JPMorgan CISO's RSA Warning, Blackpoint Cyber's Unified Security, SOCRadar's AI Operations, Ivanti VPNs' Scanning Surge, Aussie SMEs' Digital Threats, Craft CMS & SAP NetWeaver Exploits, CISA Alerts on Planet Tech, Podcast Insights

Welcome to your ONSEC Cyber Daily dose for April 29. Today, we're diving into the deep end of the cybersecurity pool. We kick off with a warning shot from JPMorgan Chase's CISO ahead of the RSA Conference, highlighting the increasing pressure on CISOs to stay ahead

Cyber Daily 4/25: Ivanti VPN Exploits Surge, AMI and Redis Patch Critical Flaws, NVIDIA and Microsoft Vulnerabilities Exposed, Podcasts Highlight Cybersecurity Trends

Welcome to your daily dose of cyber insights, ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and exploits, as we've seen a significant spike in the first few months of 2025. VulnCheck has spotted 159 actively exploited vulnerabilities, with a warning about increased

Cyber Daily 4/24: Armis Warns of AI-Powered Cyberwarfare, CISA Flags Critical ICS Vulnerabilities, Patching CVEs in Focus, Cybersecurity Podcasts Trending

Welcome to your daily dose of cyber security news from ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and patches, with a focus on the critical threats that are making headlines. Armis is offering free access to its real-time cyber threat database, a move that

Cyber Daily 4/23: Financial Sector Cybersecurity Warnings, PyTorch and Windows Update Vulnerabilities, Morocco Cyberattacks, ASUS AiCloud Flaw, Podcasts on Cybersecurity

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with vital cybersecurity updates that you can't afford to miss. The financial sector is under siege, with experts warning of increasing and sophisticated cyberattacks. We delve into the discovery of a remote code execution bug in

Cyber Daily 4/22: WinZip and ASUS AiCloud Vulnerabilities, AI Security Blindspots, Moroccan WordPress Plugin Breach, Deepfake CEO Threats

Welcome to your ONSEC Cyber Daily for April 22nd. Today, we're diving into a whirlwind of vulnerabilities and exploits that are keeping cybersecurity professionals on their toes. First up, we have a critical vulnerability in WinZip that could allow hackers to execute malicious code silently, bypassing Windows'

Cyber Daily 4/18: Oracle Cloud Credential Leak, Cisco Webex and SonicWall Vulnerabilities, Apple's Urgent Update, CVE-2025-24054 Attack, Patching Frenzy

Welcome to the ONSEC Cyber Daily for April 18th. Today's issue is packed with critical updates and alerts. The Cybersecurity and Infrastructure Security Agency (CISA) has been busy issuing warnings about vulnerabilities in legacy Oracle systems, Cisco Webex, and SonicWall. Apple is urging iPhone users to update their

Cyber Daily 4/17: US Agency Saves MITRE's Vulnerability Database, CISA Adds Exploited Vulnerability to Catalog, Morocco Warns of WhatsApp Flaw, Critical Patches for Apple, Microsoft, Oracle

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates from the cybersecurity world. In a last-minute reversal, the US agency has extended support for the cyber vulnerability database, averting a potential lapse in a program that plays a critical role in our cyber defenses.

Cyber Daily 4/16: MITRE's CVE Oversight Ends, Global Cybersecurity at Risk, Morocco's Major Data Leak, WhatsApp Users Alerted, Incomplete NVIDIA Patch, Hertz Data Stolen in Cleo Attacks

Welcome to your ONSEC Cyber Daily for April 16. Today, we're diving into the potential global cybersecurity crisis as MITRE's CVE oversight ends due to a lapse in the U.S. government contract. This could leave a gap in vulnerability tracking that nation-state actors and cybercriminal

Cyber Daily 4/15: CentreStack Vulnerability Impact on MSSPs, Fortinet Zero-Day Bug, Android Users at High Risk, WhatsApp Security Flaws, Google Chrome Bug, Galaxy S24 Vulnerability, Windows 11 Update, Incomplete NVIDIA Patch

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights on the latest cybersecurity threats and vulnerabilities. We start with a deep dive into the CentreStack vulnerability and what it means for MSSPs and MSPs. As AI defenses evolve, so do AI cyberthreats,

Cyber Daily 4/11: WhatsApp Vulnerability Alert in India, Dell's Critical PowerScale Flaws, SonicWall's Multiple Patches, CentreStack Breach, Microsoft's Zero-Day Patch

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we delve into the high-risk warning issued by CERT-In for WhatsApp Desktop app users, highlighting the potential vulnerability that could allow cybercriminals to steal your personal information. We also explore

Cyber Daily 4/10: China's Android Surveillance, WhatsApp Bug Alert, Microsoft's 125 Windows Patches, Active Exploits on CentreStack Vulnerability

Welcome to the ONSEC Cyber Daily for April 10th, where we bring you the latest news in the world of cybersecurity. Today, we're focusing on a wave of vulnerabilities and patches that are making headlines. China is pushing surveillance via Android apps, raising concerns about privacy and security.

Cyber Daily 4/9: WhatsApp Users Warned of Hacking Risk, CyberSmart Expert Weighs In; CISA Alerts on Zoom, Ivanti, and Google Vulnerabilities; Patch Tuesday Reveals 121 Microsoft Flaws

Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a series of critical alerts and warnings that have been issued across the cyber landscape. First up, WhatsApp users are being urged to update their settings to avoid falling victim to potential hacks. This warning

Cyber Daily 4/8: ToddyCat Exploits ESET Vulnerability, WinRAR Flaw Bypasses Windows Security, Python JSON Logger Vulnerability Exposed, Google Patches Android Zero-Days

Welcome to your daily dose of ONSEC Cyber Daily. Today, we delve into the world of cyber vulnerabilities and the relentless efforts of cybercriminals to exploit them. We kick off with the ToddyCat APT group, who have cleverly exploited a vulnerability in ESET's Command Line Scanner to conceal

Cyber Daily 4/7: High-Risk Alert for Google Chrome Users, 200M Records Exposed in Massive Breach, Palo Alto Networks Probed, Ivanti Vulnerability Patched, Cisco Utility Exploited

Hello ONSEC readers, Welcome to today’s edition of ONSEC Cyber Daily, where we spotlight the latest high-risk alerts, massive data breaches, and critical vulnerabilities shaking the cybersecurity landscape. First, a high-risk alert has been issued for Google Chrome users, urging immediate updates to defend against escalating threats. Cyber hygiene

Cyber Daily 4/4: Chinese Hackers Exploit Ivanti Vulnerability, Cisco CSLU Flaw Under Attack, WinRAR and Google Quick Share Vulnerabilities, Australia-Philippines Cybercrime Partnership

Good morning ONSEC Cyber Daily readers! Today's newsletter is packed with critical updates and alerts that you can't afford to miss. Chinese hackers are on the prowl, actively exploiting an Ivanti Connect Secure vulnerability. Meanwhile, Cisco is sounding the alarm over the active exploitation of a

Cyber Daily 4/3: Critical CrushFTP Vulnerability Exploited, Apple's iOS 18.4 Security Alert, Ivanti Bug Alert by CISA, NSA Warns iPhone and Android Users, Canon Printer Drivers Vulnerability, Kaspersky Patches Chrome Flaw

Welcome to the latest issue of ONSEC Cyber Daily! Today, we're diving into a series of critical vulnerabilities and security warnings that are making waves in the cybersecurity world. First up, we're looking at the ongoing intrusions involving the CrushFTP vulnerability, a critical issue that'

Cyber Daily 4/2: Cowbell's Cybersecurity Expansion, Malaysian Airport Ransomware Alert, Kentico Xperience CMS XSS Vulnerability, Apple's 0-Day Warnings, Cisco and Apple CVE Updates

Welcome to the ONSEC Cyber Daily for April 2nd! Today, we're diving into a whirlwind of cybersecurity updates and alerts. We start with Cowbell's expansion of its cybersecurity platform, integrating vulnerability scanners from Tenable, Qualys, and Rapid7. This move is a significant step towards strengthening cyber

Cyber Daily 4/1: Bitdefender Debrief, OpenSSH Vulnerability, Ivanti Zero-Day Alert, BDSM App Breach, Google Chrome Update, NSA iPhone Warning, Next.js Flaw, Chrome 0-Day, Ivanti Bug, Kubernetes Vulnerability

Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and warnings that have been making waves in the cyber world. We begin with Bitdefender's March 2025 Threat Debrief, which highlights the relentless pursuit of cybercriminals in finding

Cyber Daily 3/28: Mozilla Patches Windows, Chrome Zero-Day Exploit, Kuala Lumpur Airport Cyberattack, Akira Ransomware Bypasses EDR, New macOS Malware Emerges

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cybersecurity updates and alerts that have been making headlines. First off, Mozilla has released an urgent patch for Windows in response to the Chrome Zero-Day Exploit. This comes as the Kuala Lumpur Airport is hit

Cyber Daily 3/27: Next.js Middleware Vulnerability, Active SAP Exploitation, DrayTek Router Issues, Chrome's CVE-2025-2783 Patch, Ghostscript Threats

Welcome to your daily dose of ONSEC Cyber Daily, where we bring you the most critical cybersecurity updates. Today, we're unraveling a web of vulnerabilities and patches that have been making waves in the cybersecurity world. First up, we have a middleware vulnerability in Next.js (CVE-2025-29227) that

Cyber Daily 3/26: Google's Chrome Patch for Russian Espionage, DrayTek Router Vulnerabilities, Kubernetes Ingress-NGINX Flaws, Ukraine Infrastructure Attacks

Welcome to your ONSEC Cyber Daily dose for March 26th. Today, we're diving into a whirlwind of cyber threats and security patches. Google has released a Chrome patch to counter an exploit used in Russian espionage attacks, while DrayTek routers are under active exploitation due to vulnerabilities disclosed

Cyber Daily 3/25: FBI Warns of Threats to Hospitals, Ukraine Defense Sector Under Attack, Critical Vulnerabilities in Next.js, Kubernetes, Cisco CSLU, and Veeam Software

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cyber threats and vulnerabilities that are shaking up the digital landscape. The FBI and healthcare agencies have issued a stern warning about a credible threat against hospitals, following a multi-city social media terror plot alert.

Cyber Daily 3/21: Veeam and IBM Patch High-Risk Flaws, Google Chrome Users Warned of Cyber Threats, Dell and CISA Alert on Vulnerabilities, Chinese Hackers Exploit Exchange Vulnerabilities

Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and patches. We start with Veeam's critical update patching a backup software vulnerability, a move that has sent ripples across the information security sector. But it's

Cyber Daily 3/20: Clovis Scam, FBI Warns of Gmail and Outlook Attacks, Microsoft Alerts on StilachiRAT, CISA Highlights Fortinet and GitHub Vulnerabilities, CERT NZ Advises on Apache Tomcat

Welcome to your ONSEC Cyber Daily dose for March 20. Today, we're diving into a series of alarming cybersecurity incidents and vulnerabilities that are making headlines. Starting off in Clovis, where residents have fallen victim to a scam that has seen over $230K stolen. This incident serves as

Cyber Daily 3/19: SquareX Exposes Browser Vulnerabilities, CISA Adds Exploited Flaws to Catalog, AMI BMC and DeepSeek AI Vulnerabilities Raise Concerns, Google and Linux Patch Critical Issues

Welcome to your daily dose of ONSEC Cyber Daily! Today, we're diving into the world of cyber vulnerabilities and the steps being taken to combat them. SquareX's "Year of Browser Bugs" project is shining a light on critical cybersecurity blind spots, while Google launches

Cyber Daily 3/18: Samsung's 7-Day Update Deadline, TP-Link and GitHub Vulnerabilities, Remote Hacks on Commercial Vehicles, Microsoft and Adobe Patching Critical Flaws

Welcome to the ONSEC Cyber Daily for March 18, 2025. Today, we're diving into a sea of vulnerabilities and patches. Samsung is facing an impossible deadline, urging users to update their phones within 7 days to avoid potential disasters. Meanwhile, the job market is buzzing with opportunities for

Cyber Daily 3/14: Win32 Bug Exploited for Two Years, Aptori's AI Reduces Risk, Security Cameras Hijacked into Botnet, CISA Warns of Juniper and Medusa Threats

Welcome to the ONSEC Cyber Daily for March 14th. Today, we're diving into a whirlwind of cyber threats and vulnerabilities that have been making headlines. We start with a two-year-old Win32 bug that malicious actors have been exploiting, despite its recent fix. This high-severity zero-day vulnerability in the