Latest

Cyber Daily 7/22: Microsoft SharePoint Zero-Day Exploited Globally, CISA Issues Urgent Alert, Emergency Patches Released, Agencies Race to Mitigate Vulnerability

Cyber Daily 7/22: Microsoft SharePoint Zero-Day Exploited Globally, CISA Issues Urgent Alert, Emergency Patches Released, Agencies Race to Mitigate Vulnerability

Welcome to the ONSEC Cyber Daily for July 22, 2025. Today, we dive into a critical narrative unfolding in the cybersecurity world. A zero-day vulnerability has been discovered in Microsoft SharePoint servers, leading to a wave of global cyberattacks. Microsoft has issued an urgent alert and released emergency patches to
ONSEC.io Research Team
Cyber Daily 7/15: CitrixBleed 2 Exploits, Train Brake Vulnerability, Gmail Hack Alert, FortiWeb RCE Threats - A Global Cybersecurity Crisis Unfolds

Cyber Daily 7/15: CitrixBleed 2 Exploits, Train Brake Vulnerability, Gmail Hack Alert, FortiWeb RCE Threats - A Global Cybersecurity Crisis Unfolds

Welcome to the ONSEC Cyber Daily for July 15th, where today's headlines weave a chilling narrative of vulnerabilities and exploits that could redefine the landscape of cybersecurity. As CitrixBleed 2 emerges from the shadows, echoing the chaos of its predecessor, organizations worldwide brace for impact. Meanwhile, a stark
ONSEC.io Research Team
Cyber Daily 7/1: Iranian Attacks on US Networks, Glasgow Scam Alert, Citrix Vulnerability Exploited, RBI Urges Zero-Trust

Cyber Daily 7/1: Iranian Attacks on US Networks, Glasgow Scam Alert, Citrix Vulnerability Exploited, RBI Urges Zero-Trust

In today's edition, we unravel a web of cyber threats that span continents and industries, painting a vivid picture of the digital battlefield. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on potential Iranian cyberattacks targeting vulnerable U.S. networks, urging heightened vigilance. Meanwhile, Glasgow
ONSEC.io Research Team
Cyber Daily 6/4: Proactive Threat Management Revolution, Safari XSS Flaw, Algerian Hackers Target Morocco, Samsung and Google Patch Critical Vulnerabilities

Cyber Daily 6/4: Proactive Threat Management Revolution, Safari XSS Flaw, Algerian Hackers Target Morocco, Samsung and Google Patch Critical Vulnerabilities

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the evolving landscape of cybersecurity strategies, where proactive threat management is becoming the new norm. We'll explore how cybercriminals are leveraging advanced persistent threats, AI-driven phishing, and deepfake-based social engineering techniques to breach
ONSEC.io Research Team
Cyber Daily 6/6: Wireshark, IBM Tivoli Vulnerabilities; Android 13+ Malware Bypass; TSA, Google Cybersecurity Warnings; Cisco, VMware, HPE, Qualcomm Patches; Heimdal Podcast

Cyber Daily 6/6: Wireshark, IBM Tivoli Vulnerabilities; Android 13+ Malware Bypass; TSA, Google Cybersecurity Warnings; Cisco, VMware, HPE, Qualcomm Patches; Heimdal Podcast

Welcome to today's issue of ONSEC Cyber Daily, where we're diving into the latest cybersecurity threats and defenses. We're starting with a critical Wireshark vulnerability that could enable DoS attacks through malicious packet injection. Meanwhile, Android 13+ is under threat as cybercriminals use malware
ONSEC.io Research Team
Cyber Daily 6/5: EU's New Vulnerability Database, Neuroscience Battles Alert Fatigue, Cisco's IOS XE Flaw, CISA's ICS Advisories, Google's Emergency Chrome Patch, Qualcomm's Security Flaws

Cyber Daily 6/5: EU's New Vulnerability Database, Neuroscience Battles Alert Fatigue, Cisco's IOS XE Flaw, CISA's ICS Advisories, Google's Emergency Chrome Patch, Qualcomm's Security Flaws

Welcome to the latest issue of ONSEC Cyber Daily, your one-stop source for all things cybersecurity. Today, we're diving into the EU's new European Vulnerability Database (EUVD), a significant step towards enhancing cybersecurity and supporting risk assessment and incident response. But it's not just
ONSEC.io Research Team
Cyber Daily 6/3: Linux Passwords at Risk, SMEs Face Unprecedented Attacks, Critical Vulnerabilities in vBulletin and Consilium Fire Panel, Qualcomm Urges Patching of Adreno GPU Flaws

Cyber Daily 6/3: Linux Passwords at Risk, SMEs Face Unprecedented Attacks, Critical Vulnerabilities in vBulletin and Consilium Fire Panel, Qualcomm Urges Patching of Adreno GPU Flaws

Welcome to the ONSEC Cyber Daily for June 3rd, 2025. Today, we're navigating the sea of alerts to prioritize vulnerabilities that are making waves in the cybersecurity landscape. Small and medium-sized enterprises (SMEs) are under siege, with unprecedented cyberattacks threatening their operations. Veteran cybersecurity writer, Davey Winder, warns
ONSEC.io Research Team
Cyber Daily 5/29: Toll Fee Scams Alert, XenServer VM Flaw, WooCommerce Plugin Vulnerability, Ivanti NHS Data Risk, Pakistan's Massive Data Breach, Google Chrome & ASUS Updates

Cyber Daily 5/29: Toll Fee Scams Alert, XenServer VM Flaw, WooCommerce Plugin Vulnerability, Ivanti NHS Data Risk, Pakistan's Massive Data Breach, Google Chrome & ASUS Updates

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a series of alarming cybersecurity developments that have surfaced across the globe. First up, we're discussing a new warning issued over toll fee scams, a deceptive practice that's causing havoc for unsuspecting victims. In
ONSEC.io Research Team
Cyber Daily 5/28: DragonForce Ransomware Exploits SimpleHelp, Pakistan's 180M User Data Breach, Microsoft's Critical Security Flaws, Adobe's Remote Code Execution Vulnerability

Cyber Daily 5/28: DragonForce Ransomware Exploits SimpleHelp, Pakistan's 180M User Data Breach, Microsoft's Critical Security Flaws, Adobe's Remote Code Execution Vulnerability

Welcome to your daily dose of ONSEC Cyber Daily, where we bring you the most critical cybersecurity updates. Today, we're diving into the world of ransomware, as DragonForce hackers exploit SimpleHelp vulnerabilities. We'll also be discussing the appointment of Shane Barney as the new Chief Information
ONSEC.io Research Team
Cyber Daily 5/27: Chinese Hackers Target US via Cityworks Exploit, vBulletin Forum Vulnerability Exposed, India's Microsoft Security Alert, Oracle TNS Flaw, Patch Updates for Ivanti, Fortinet, Linux Kernel

Cyber Daily 5/27: Chinese Hackers Target US via Cityworks Exploit, vBulletin Forum Vulnerability Exposed, India's Microsoft Security Alert, Oracle TNS Flaw, Patch Updates for Ivanti, Fortinet, Linux Kernel

Good Morning ONSEC Cyber Daily Readers, In today's issue, we're diving into a series of critical cybersecurity alerts and vulnerabilities that are making headlines. Chinese hackers are exploiting a 0-Day vulnerability in Cityworks, a platform widely used by US local governments. This comes as Cisco Talos
ONSEC.io Research Team
Cyber Daily 5/22: Apple's AirBorne Flaw Threatens iPhones, Attaxion Teams Up with ENISA, SideWinder Exploits Legacy Office Vulnerabilities, Cybersecurity Podcasts Gain Traction

Cyber Daily 5/22: Apple's AirBorne Flaw Threatens iPhones, Attaxion Teams Up with ENISA, SideWinder Exploits Legacy Office Vulnerabilities, Cybersecurity Podcasts Gain Traction

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we're sounding the alarm on a massive security flaw found in Apple devices. The vulnerability, ominously dubbed "AirBorne," has security researchers urging iPhone users to disable
ONSEC.io Research Team
Cyber Daily 5/19: Ankit Tiwari Cyber Attack, High-Severity Alert for Chrome Users, AI Widening Cybersecurity Gaps in Morocco, Microsoft Patches Exploited Vulnerabilities

Cyber Daily 5/19: Ankit Tiwari Cyber Attack, High-Severity Alert for Chrome Users, AI Widening Cybersecurity Gaps in Morocco, Microsoft Patches Exploited Vulnerabilities

Subject: ONSEC Cyber Daily - Celebrity Cyber Attack, Chrome Alert, AI Cybersecurity Gaps, and More Hello ONSEC readers, In today's issue, we're hitting some high notes with a story about a cyber attack against popular Indian singer, Ankit Tiwari. As India faces increasing geopolitical tensions, cybercriminals
ONSEC.io Research Team
Cyber Daily 5/23: Firefox, Chrome Vulnerabilities Alert by NCERT, German Cyber Agency Warns of Grid Threats, WhatsApp Security Flaws, Chinese Hackers Exploit Cityworks Bug, Multiple CVEs Patched

Cyber Daily 5/23: Firefox, Chrome Vulnerabilities Alert by NCERT, German Cyber Agency Warns of Grid Threats, WhatsApp Security Flaws, Chinese Hackers Exploit Cityworks Bug, Multiple CVEs Patched

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where vulnerabilities are lurking in every corner. From Firefox and Chrome being susceptible to cyber threats, as warned by NCERT, to the German Federal Office for Information Security sounding the alarm on grid
ONSEC.io Research Team
Cyber Daily 5/20: iPhone AirPlay Flaws, UK's AI Cybersecurity Codes, Healthcare Cyber Threats, CISA Alerts Discontinued, Toaster Hacking in UK, Google Chrome Vulnerabilities, EU's Vulnerability Database, Patch Tuesday Updates, Cybersecurity Podcasts

Cyber Daily 5/20: iPhone AirPlay Flaws, UK's AI Cybersecurity Codes, Healthcare Cyber Threats, CISA Alerts Discontinued, Toaster Hacking in UK, Google Chrome Vulnerabilities, EU's Vulnerability Database, Patch Tuesday Updates, Cybersecurity Podcasts

Welcome to your ONSEC Cyber Daily dose for May 20th. Today, we're diving into a sea of vulnerabilities and warnings that are making waves across the globe. First up, iPhone users, beware! A critical flaw has been discovered in Apple's AirPlay feature, putting 1.8 billion
ONSEC.io Research Team
Cyber Daily 5/15: SK audits for vulnerabilities, ASD alerts on Ivanti Endpoint Manager, FBI warns on router risks, UAE acts on Microsoft flaws, Patch Tuesday tackles multiple CVEs

Cyber Daily 5/15: SK audits for vulnerabilities, ASD alerts on Ivanti Endpoint Manager, FBI warns on router risks, UAE acts on Microsoft flaws, Patch Tuesday tackles multiple CVEs

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where cybersecurity vulnerabilities are being audited, alerts are being issued, and urgent warnings are being sounded. From SK's decision to audit all affiliates for cybersecurity vulnerabilities to the Australian Signals Directorate&
ONSEC.io Research Team
Cyber Daily 5/14: CISA Warns of TeleMessage Vulnerability, Chinese Hackers Exploit SAP, Oracle Cloud Hosts eQure's Cybersecurity Platform, EU Launches Vulnerability Database

Cyber Daily 5/14: CISA Warns of TeleMessage Vulnerability, Chinese Hackers Exploit SAP, Oracle Cloud Hosts eQure's Cybersecurity Platform, EU Launches Vulnerability Database

Welcome to today's issue of ONSEC Cyber Daily. We're diving into the world of cybersecurity, where vulnerabilities are the name of the game. From the CISA warning about a TeleMessage vulnerability to the launch of eQure's Ground-Truth Cybersecurity Platform on Oracle Cloud Infrastructure, it&
ONSEC.io Research Team
Cyber Daily 5/8: End of Life Routers Exploited, IBM Cognos Analytics Vulnerability, Rising Threats to OT Systems, SAP NetWeaver Under Attack

Cyber Daily 5/8: End of Life Routers Exploited, IBM Cognos Analytics Vulnerability, Rising Threats to OT Systems, SAP NetWeaver Under Attack

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we delve into the world of cybercriminals exploiting end-of-life routers and the vulnerabilities they leave behind. We'll also discuss the critical security advisory issued by IBM regarding its Cognos Analytics platform. In
ONSEC.io Research Team
Cyber Daily 5/6: CISA Alerts on Langflow Exploit, Cyber Onslaught on Indian Defence, SonicBoom Bypasses Login, Google & MediaTek Patch Flaws, AI in Medical Device Security

Cyber Daily 5/6: CISA Alerts on Langflow Exploit, Cyber Onslaught on Indian Defence, SonicBoom Bypasses Login, Google & MediaTek Patch Flaws, AI in Medical Device Security

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a series of alerts and vulnerabilities that are shaking up the cybersecurity landscape. First up, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about an actively exploited vulnerability in Langflow. This
ONSEC.io Research Team
Cyber Daily 4/30: NetApp Boosts Storage Layer Security, Cybersecurity Firms Under Siege, CISA Alerts on Commvault, Brocade Vulnerabilities, Chrome and Apache Patch Updates

Cyber Daily 4/30: NetApp Boosts Storage Layer Security, Cybersecurity Firms Under Siege, CISA Alerts on Commvault, Brocade Vulnerabilities, Chrome and Apache Patch Updates

Welcome to your daily dose of cybersecurity updates from ONSEC Cyber Daily. Today, we delve into the escalating threats in the cyber world, with NetApp advancing cybersecurity at the storage layer to counter automated attacks and the advent of quantum computing. However, even cybersecurity companies are not immune to these
ONSEC.io Research Team
Cyber Daily 4/29: JPMorgan CISO's RSA Warning, Blackpoint Cyber's Unified Security, SOCRadar's AI Operations, Ivanti VPNs' Scanning Surge, Aussie SMEs' Digital Threats, Craft CMS & SAP NetWeaver Exploits, CISA Alerts on Planet Tech, Podcast Insights

Cyber Daily 4/29: JPMorgan CISO's RSA Warning, Blackpoint Cyber's Unified Security, SOCRadar's AI Operations, Ivanti VPNs' Scanning Surge, Aussie SMEs' Digital Threats, Craft CMS & SAP NetWeaver Exploits, CISA Alerts on Planet Tech, Podcast Insights

Welcome to your ONSEC Cyber Daily dose for April 29. Today, we're diving into the deep end of the cybersecurity pool. We kick off with a warning shot from JPMorgan Chase's CISO ahead of the RSA Conference, highlighting the increasing pressure on CISOs to stay ahead
ONSEC.io Research Team
Cyber Daily 4/23: Financial Sector Cybersecurity Warnings, PyTorch and Windows Update Vulnerabilities, Morocco Cyberattacks, ASUS AiCloud Flaw, Podcasts on Cybersecurity

Cyber Daily 4/23: Financial Sector Cybersecurity Warnings, PyTorch and Windows Update Vulnerabilities, Morocco Cyberattacks, ASUS AiCloud Flaw, Podcasts on Cybersecurity

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with vital cybersecurity updates that you can't afford to miss. The financial sector is under siege, with experts warning of increasing and sophisticated cyberattacks. We delve into the discovery of a remote code execution bug in
ONSEC.io Research Team
Cyber Daily 4/18: Oracle Cloud Credential Leak, Cisco Webex and SonicWall Vulnerabilities, Apple's Urgent Update, CVE-2025-24054 Attack, Patching Frenzy

Cyber Daily 4/18: Oracle Cloud Credential Leak, Cisco Webex and SonicWall Vulnerabilities, Apple's Urgent Update, CVE-2025-24054 Attack, Patching Frenzy

Welcome to the ONSEC Cyber Daily for April 18th. Today's issue is packed with critical updates and alerts. The Cybersecurity and Infrastructure Security Agency (CISA) has been busy issuing warnings about vulnerabilities in legacy Oracle systems, Cisco Webex, and SonicWall. Apple is urging iPhone users to update their
ONSEC.io Research Team
Cyber Daily 4/17: US Agency Saves MITRE's Vulnerability Database, CISA Adds Exploited Vulnerability to Catalog, Morocco Warns of WhatsApp Flaw, Critical Patches for Apple, Microsoft, Oracle

Cyber Daily 4/17: US Agency Saves MITRE's Vulnerability Database, CISA Adds Exploited Vulnerability to Catalog, Morocco Warns of WhatsApp Flaw, Critical Patches for Apple, Microsoft, Oracle

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates from the cybersecurity world. In a last-minute reversal, the US agency has extended support for the cyber vulnerability database, averting a potential lapse in a program that plays a critical role in our cyber defenses.
ONSEC.io Research Team
Cyber Daily 4/16: MITRE's CVE Oversight Ends, Global Cybersecurity at Risk, Morocco's Major Data Leak, WhatsApp Users Alerted, Incomplete NVIDIA Patch, Hertz Data Stolen in Cleo Attacks

Cyber Daily 4/16: MITRE's CVE Oversight Ends, Global Cybersecurity at Risk, Morocco's Major Data Leak, WhatsApp Users Alerted, Incomplete NVIDIA Patch, Hertz Data Stolen in Cleo Attacks

Welcome to your ONSEC Cyber Daily for April 16. Today, we're diving into the potential global cybersecurity crisis as MITRE's CVE oversight ends due to a lapse in the U.S. government contract. This could leave a gap in vulnerability tracking that nation-state actors and cybercriminal
ONSEC.io Research Team
Cyber Daily 4/15: CentreStack Vulnerability Impact on MSSPs, Fortinet Zero-Day Bug, Android Users at High Risk, WhatsApp Security Flaws, Google Chrome Bug, Galaxy S24 Vulnerability, Windows 11 Update, Incomplete NVIDIA Patch

Cyber Daily 4/15: CentreStack Vulnerability Impact on MSSPs, Fortinet Zero-Day Bug, Android Users at High Risk, WhatsApp Security Flaws, Google Chrome Bug, Galaxy S24 Vulnerability, Windows 11 Update, Incomplete NVIDIA Patch

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights on the latest cybersecurity threats and vulnerabilities. We start with a deep dive into the CentreStack vulnerability and what it means for MSSPs and MSPs. As AI defenses evolve, so do AI cyberthreats,
ONSEC.io Research Team
Cyber Daily 4/11: WhatsApp Vulnerability Alert in India, Dell's Critical PowerScale Flaws, SonicWall's Multiple Patches, CentreStack Breach, Microsoft's Zero-Day Patch

Cyber Daily 4/11: WhatsApp Vulnerability Alert in India, Dell's Critical PowerScale Flaws, SonicWall's Multiple Patches, CentreStack Breach, Microsoft's Zero-Day Patch

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we delve into the high-risk warning issued by CERT-In for WhatsApp Desktop app users, highlighting the potential vulnerability that could allow cybercriminals to steal your personal information. We also explore
ONSEC.io Research Team
Cyber Daily 4/9: WhatsApp Users Warned of Hacking Risk, CyberSmart Expert Weighs In; CISA Alerts on Zoom, Ivanti, and Google Vulnerabilities; Patch Tuesday Reveals 121 Microsoft Flaws

Cyber Daily 4/9: WhatsApp Users Warned of Hacking Risk, CyberSmart Expert Weighs In; CISA Alerts on Zoom, Ivanti, and Google Vulnerabilities; Patch Tuesday Reveals 121 Microsoft Flaws

Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a series of critical alerts and warnings that have been issued across the cyber landscape. First up, WhatsApp users are being urged to update their settings to avoid falling victim to potential hacks. This warning
ONSEC.io Research Team
Cyber Daily 4/7: High-Risk Alert for Google Chrome Users, 200M Records Exposed in Massive Breach, Palo Alto Networks Probed, Ivanti Vulnerability Patched, Cisco Utility Exploited

Cyber Daily 4/7: High-Risk Alert for Google Chrome Users, 200M Records Exposed in Massive Breach, Palo Alto Networks Probed, Ivanti Vulnerability Patched, Cisco Utility Exploited

Hello ONSEC readers, Welcome to today’s edition of ONSEC Cyber Daily, where we spotlight the latest high-risk alerts, massive data breaches, and critical vulnerabilities shaking the cybersecurity landscape. First, a high-risk alert has been issued for Google Chrome users, urging immediate updates to defend against escalating threats. Cyber hygiene
ONSEC.io Research Team
Cyber Daily 4/4: Chinese Hackers Exploit Ivanti Vulnerability, Cisco CSLU Flaw Under Attack, WinRAR and Google Quick Share Vulnerabilities, Australia-Philippines Cybercrime Partnership

Cyber Daily 4/4: Chinese Hackers Exploit Ivanti Vulnerability, Cisco CSLU Flaw Under Attack, WinRAR and Google Quick Share Vulnerabilities, Australia-Philippines Cybercrime Partnership

Good morning ONSEC Cyber Daily readers! Today's newsletter is packed with critical updates and alerts that you can't afford to miss. Chinese hackers are on the prowl, actively exploiting an Ivanti Connect Secure vulnerability. Meanwhile, Cisco is sounding the alarm over the active exploitation of a
ONSEC.io Research Team
Cyber Daily 4/3: Critical CrushFTP Vulnerability Exploited, Apple's iOS 18.4 Security Alert, Ivanti Bug Alert by CISA, NSA Warns iPhone and Android Users, Canon Printer Drivers Vulnerability, Kaspersky Patches Chrome Flaw

Cyber Daily 4/3: Critical CrushFTP Vulnerability Exploited, Apple's iOS 18.4 Security Alert, Ivanti Bug Alert by CISA, NSA Warns iPhone and Android Users, Canon Printer Drivers Vulnerability, Kaspersky Patches Chrome Flaw

Welcome to the latest issue of ONSEC Cyber Daily! Today, we're diving into a series of critical vulnerabilities and security warnings that are making waves in the cybersecurity world. First up, we're looking at the ongoing intrusions involving the CrushFTP vulnerability, a critical issue that'
ONSEC.io Research Team
Cyber Daily 4/2: Cowbell's Cybersecurity Expansion, Malaysian Airport Ransomware Alert, Kentico Xperience CMS XSS Vulnerability, Apple's 0-Day Warnings, Cisco and Apple CVE Updates

Cyber Daily 4/2: Cowbell's Cybersecurity Expansion, Malaysian Airport Ransomware Alert, Kentico Xperience CMS XSS Vulnerability, Apple's 0-Day Warnings, Cisco and Apple CVE Updates

Welcome to the ONSEC Cyber Daily for April 2nd! Today, we're diving into a whirlwind of cybersecurity updates and alerts. We start with Cowbell's expansion of its cybersecurity platform, integrating vulnerability scanners from Tenable, Qualys, and Rapid7. This move is a significant step towards strengthening cyber
ONSEC.io Research Team
Cyber Daily 4/1: Bitdefender Debrief, OpenSSH Vulnerability, Ivanti Zero-Day Alert, BDSM App Breach, Google Chrome Update, NSA iPhone Warning, Next.js Flaw, Chrome 0-Day, Ivanti Bug, Kubernetes Vulnerability

Cyber Daily 4/1: Bitdefender Debrief, OpenSSH Vulnerability, Ivanti Zero-Day Alert, BDSM App Breach, Google Chrome Update, NSA iPhone Warning, Next.js Flaw, Chrome 0-Day, Ivanti Bug, Kubernetes Vulnerability

Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and warnings that have been making waves in the cyber world. We begin with Bitdefender's March 2025 Threat Debrief, which highlights the relentless pursuit of cybercriminals in finding
ONSEC.io Research Team
Cyber Daily 3/26: Google's Chrome Patch for Russian Espionage, DrayTek Router Vulnerabilities, Kubernetes Ingress-NGINX Flaws, Ukraine Infrastructure Attacks

Cyber Daily 3/26: Google's Chrome Patch for Russian Espionage, DrayTek Router Vulnerabilities, Kubernetes Ingress-NGINX Flaws, Ukraine Infrastructure Attacks

Welcome to your ONSEC Cyber Daily dose for March 26th. Today, we're diving into a whirlwind of cyber threats and security patches. Google has released a Chrome patch to counter an exploit used in Russian espionage attacks, while DrayTek routers are under active exploitation due to vulnerabilities disclosed
ONSEC.io Research Team
Cyber Daily 3/25: FBI Warns of Threats to Hospitals, Ukraine Defense Sector Under Attack, Critical Vulnerabilities in Next.js, Kubernetes, Cisco CSLU, and Veeam Software

Cyber Daily 3/25: FBI Warns of Threats to Hospitals, Ukraine Defense Sector Under Attack, Critical Vulnerabilities in Next.js, Kubernetes, Cisco CSLU, and Veeam Software

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cyber threats and vulnerabilities that are shaking up the digital landscape. The FBI and healthcare agencies have issued a stern warning about a credible threat against hospitals, following a multi-city social media terror plot alert.
ONSEC.io Research Team
Cyber Daily 3/20: Clovis Scam, FBI Warns of Gmail and Outlook Attacks, Microsoft Alerts on StilachiRAT, CISA Highlights Fortinet and GitHub Vulnerabilities, CERT NZ Advises on Apache Tomcat

Cyber Daily 3/20: Clovis Scam, FBI Warns of Gmail and Outlook Attacks, Microsoft Alerts on StilachiRAT, CISA Highlights Fortinet and GitHub Vulnerabilities, CERT NZ Advises on Apache Tomcat

Welcome to your ONSEC Cyber Daily dose for March 20. Today, we're diving into a series of alarming cybersecurity incidents and vulnerabilities that are making headlines. Starting off in Clovis, where residents have fallen victim to a scam that has seen over $230K stolen. This incident serves as
ONSEC.io Research Team
Cyber Daily 3/19: SquareX Exposes Browser Vulnerabilities, CISA Adds Exploited Flaws to Catalog, AMI BMC and DeepSeek AI Vulnerabilities Raise Concerns, Google and Linux Patch Critical Issues

Cyber Daily 3/19: SquareX Exposes Browser Vulnerabilities, CISA Adds Exploited Flaws to Catalog, AMI BMC and DeepSeek AI Vulnerabilities Raise Concerns, Google and Linux Patch Critical Issues

Welcome to your daily dose of ONSEC Cyber Daily! Today, we're diving into the world of cyber vulnerabilities and the steps being taken to combat them. SquareX's "Year of Browser Bugs" project is shining a light on critical cybersecurity blind spots, while Google launches
ONSEC.io Research Team
Cyber Daily 3/18: Samsung's 7-Day Update Deadline, TP-Link and GitHub Vulnerabilities, Remote Hacks on Commercial Vehicles, Microsoft and Adobe Patching Critical Flaws

Cyber Daily 3/18: Samsung's 7-Day Update Deadline, TP-Link and GitHub Vulnerabilities, Remote Hacks on Commercial Vehicles, Microsoft and Adobe Patching Critical Flaws

Welcome to the ONSEC Cyber Daily for March 18, 2025. Today, we're diving into a sea of vulnerabilities and patches. Samsung is facing an impossible deadline, urging users to update their phones within 7 days to avoid potential disasters. Meanwhile, the job market is buzzing with opportunities for
ONSEC.io Research Team
Cyber Daily 3/14: Win32 Bug Exploited for Two Years, Aptori's AI Reduces Risk, Security Cameras Hijacked into Botnet, CISA Warns of Juniper and Medusa Threats

Cyber Daily 3/14: Win32 Bug Exploited for Two Years, Aptori's AI Reduces Risk, Security Cameras Hijacked into Botnet, CISA Warns of Juniper and Medusa Threats

Welcome to the ONSEC Cyber Daily for March 14th. Today, we're diving into a whirlwind of cyber threats and vulnerabilities that have been making headlines. We start with a two-year-old Win32 bug that malicious actors have been exploiting, despite its recent fix. This high-severity zero-day vulnerability in the
ONSEC.io Research Team
Cyber Daily 3/12: CISA Warns of Microsoft Windows MMC Exploit, Cybersecurity Burnout Crisis, ArmorCode's New Partner Program, Google Chrome's Critical Vulnerabilities, Apple and Microsoft's Urgent Patches

Cyber Daily 3/12: CISA Warns of Microsoft Windows MMC Exploit, Cybersecurity Burnout Crisis, ArmorCode's New Partner Program, Google Chrome's Critical Vulnerabilities, Apple and Microsoft's Urgent Patches

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with crucial updates from the cybersecurity world. The CISA has issued an alert on the active exploitation of a Microsoft Windows MMC vulnerability, reminding us of the constant battle against cyber threats. Meanwhile, the cybersecurity sector is grappling
ONSEC.io Research Team
Cyber Daily 3/11: Security Cameras Hijacked into Botnet, Widespread PHP Vulnerability Attacks, Bluetooth Chip Identity Theft, Federal Contractor Vulnerability Disclosure Program

Cyber Daily 3/11: Security Cameras Hijacked into Botnet, Widespread PHP Vulnerability Attacks, Bluetooth Chip Identity Theft, Federal Contractor Vulnerability Disclosure Program

Good morning ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights from the cybersecurity world. We kick off with a warning about a top security camera maker's devices being hijacked into a botnet, a result of cybercriminals exploiting a command injection vulnerability.
ONSEC.io Research Team
Cyber Daily 2/28: Chinese Espionage Facilitates RA World Ransomware, AI in Cybersecurity, Maritime Industry's Cyber Vulnerabilities, Microsoft Copilot Warning, iPhone Data at Risk, GitLab and LibreOffice Patches

Cyber Daily 2/28: Chinese Espionage Facilitates RA World Ransomware, AI in Cybersecurity, Maritime Industry's Cyber Vulnerabilities, Microsoft Copilot Warning, iPhone Data at Risk, GitLab and LibreOffice Patches

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the murky depths of cyberespionage, as malicious actors leverage a tool linked to a Chinese operation to facilitate a ransomware intrusion against an Asian software firm. We'll explore how AI can be responsibly
ONSEC.io Research Team
Cyber Daily 2/26: Adobe and Oracle Under Attack, Cisco Routers Exploited, Google Warns of Phishing in Education, UK Vulnerability Reporting Criticized

Cyber Daily 2/26: Adobe and Oracle Under Attack, Cisco Routers Exploited, Google Warns of Phishing in Education, UK Vulnerability Reporting Criticized

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights from the cybersecurity world. We start with a warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about increased cyberattacks targeting Adobe ColdFusion and Oracle Agile PLM. The attackers are exploiting
ONSEC.io Research Team
Cyber Daily 2/21: Ghost Ransomware Threatens 70+ Nations, CISA Warns of SonicWall and Palo Alto Bugs, Europe's Cyber Vulnerability Exposed, Microsoft and NVIDIA Patch Critical Flaws

Cyber Daily 2/21: Ghost Ransomware Threatens 70+ Nations, CISA Warns of SonicWall and Palo Alto Bugs, Europe's Cyber Vulnerability Exposed, Microsoft and NVIDIA Patch Critical Flaws

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the chilling world of Ghost Ransomware. The National Law Review has released a joint cybersecurity advisory on this menacing threat that's exploiting vulnerabilities in over 70 countries. The Cybersecurity and Infrastructure Security Agency
ONSEC.io Research Team
Cyber Daily 2/20: Ghost/Cring Ransomware Alert by FBI, CISA; Insight Partners Cyberattack; Palo Alto, SonicWall Vulnerabilities; Weak Passwords Warning; Cybersecurity Podcast Highlights

Cyber Daily 2/20: Ghost/Cring Ransomware Alert by FBI, CISA; Insight Partners Cyberattack; Palo Alto, SonicWall Vulnerabilities; Weak Passwords Warning; Cybersecurity Podcast Highlights

Welcome to the ONSEC Cyber Daily newsletter for February 20, 2025. Today, we're diving into a flurry of cyber threats and vulnerabilities that have been making headlines. The FBI and CISA have issued an alert regarding the recent surge in Ghost/Cring ransomware activity. This comes on the
ONSEC.io Research Team
Cyber Daily 2/18: CISA Alerts on Apple iOS and Buffer Overflow Exploits, Android Follows iPhone's Security Steps, US Treasury Targeted via PostgreSQL, SonicWall Firewalls Under Attack

Cyber Daily 2/18: CISA Alerts on Apple iOS and Buffer Overflow Exploits, Android Follows iPhone's Security Steps, US Treasury Targeted via PostgreSQL, SonicWall Firewalls Under Attack

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving deep into the world of cybersecurity, where vulnerabilities are exploited and the battle to secure our digital landscape is relentless. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a critical
ONSEC.io Research Team
Cyber Daily 2/14: Palo Alto Networks Patches PAN-OS Exploit, CISA & FBI Alert on Buffer Overflow Vulnerabilities, US Coast Guard Urged to Strengthen Cybersecurity, FedEx Warns of New Scams

Cyber Daily 2/14: Palo Alto Networks Patches PAN-OS Exploit, CISA & FBI Alert on Buffer Overflow Vulnerabilities, US Coast Guard Urged to Strengthen Cybersecurity, FedEx Warns of New Scams

Happy Valentine’s Day! Welcome to your ONSEC Cyber Daily newsletter for February 14th. Today, we're diving into a sea of vulnerabilities and patches, with a focus on the recent Palo Alto Networks authentication bypass exploit in PAN-OS software. This vulnerability, tracked as CVE-2025-0108, has a CVSS score
ONSEC.io Research Team
Cyber Daily 2/13: CISA, FBI Warn of Buffer Overflow Threats, Google Chrome's 'Syncjacking' Attack, Apple's Global Security Update, SonicWall VPN Hijacking Risk, US Ports Vulnerable to Cyber Attacks

Cyber Daily 2/13: CISA, FBI Warn of Buffer Overflow Threats, Google Chrome's 'Syncjacking' Attack, Apple's Global Security Update, SonicWall VPN Hijacking Risk, US Ports Vulnerable to Cyber Attacks

Welcome to today's issue of ONSEC Cyber Daily. We're diving into a whirlwind of cybersecurity threats and vulnerabilities that have been making headlines. The CISA and FBI have issued a stern warning about the exploitation of Buffer Overflow Vulnerabilities, a threat that's been echoed
ONSEC.io Research Team
Cyber Daily 2/12: Fortinet's Zero-Day Warning, OpenSSL Vulnerability, Apple's iPhone Security Breach, Solar Power Cyberattacks, Microsoft's Urgent Patch

Cyber Daily 2/12: Fortinet's Zero-Day Warning, OpenSSL Vulnerability, Apple's iPhone Security Breach, Solar Power Cyberattacks, Microsoft's Urgent Patch

Good morning, ONSEC Cyber Daily readers! Today's newsletter is packed with critical updates and alerts that you need to know. We start off with a significant vulnerability in Satellite Weather software that allows attackers to execute code remotely. Cybersecurity firm Fortinet has issued an urgent warning about this
ONSEC.io Research Team
Cyber Daily 2/6: Rockwell Automation, Apple, Chrome Vulnerabilities; CISA, Singapore CSA Alerts; Zyxel, Netgear, Samsung Patch Woes; Cybersecurity Podcast Insights

Cyber Daily 2/6: Rockwell Automation, Apple, Chrome Vulnerabilities; CISA, Singapore CSA Alerts; Zyxel, Netgear, Samsung Patch Woes; Cybersecurity Podcast Insights

Welcome to today's issue of ONSEC Cyber Daily. We're diving into a whirlwind of critical vulnerabilities and urgent security alerts. Rockwell Automation FactoryTalk View Machine Edition is under the spotlight with a critical vulnerability that demands immediate attention. Meanwhile, the Cyber Security Agency of Singapore is
ONSEC.io Research Team
Cyber Daily 2/5: CISA's Edge Threat Guidance, XE Group's Supply Chain Threat, Retail Workforce Vulnerability, Russian Exploitation of 7-Zip Zero-Day, AMD and Microsoft Patch Updates

Cyber Daily 2/5: CISA's Edge Threat Guidance, XE Group's Supply Chain Threat, Retail Workforce Vulnerability, Russian Exploitation of 7-Zip Zero-Day, AMD and Microsoft Patch Updates

Welcome to today's issue of ONSEC Cyber Daily! In this edition, we delve into the latest cybersecurity threats and vulnerabilities that are making headlines. The Cybersecurity and Infrastructure Security Agency (CISA) has issued fresh guidance on edge threats, highlighting the need for robust network security. Meanwhile, the XE
ONSEC.io Research Team