Latest

Cyber Daily 9/4: CISA Alerts on SunPower & TP-Link Flaws, Android's Massive Patch, Samsung's Security Overhaul

Welcome to today's edition of ONSEC Cyber Daily, where the digital world is under siege, and the battle for cybersecurity intensifies. In a dramatic twist, CISA has sounded the alarm on a critical vulnerability in SunPower devices, allowing attackers full access, while Wi-Fi range extenders and TP-Link devices

Cyber Daily 8/1: Microsoft SharePoint Breach, iOS Vulnerabilities, Fermilab Cyberattack, GreyNoise Research on Hacker Activity

ONSEC Cyber Daily: August 1st Edition. Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In a world where vulnerabilities lurk in the shadows, today's issue is a clarion call to action. From the looming specter

Cyber Daily 7/31: AI Solves Cybersecurity, Africa Faces AI Threat, Microsoft SharePoint Exploit, Apple Patches Chrome Zero-Day

Welcome to the ONSEC Cyber Daily for July 31, 2025, where today's headlines weave a compelling narrative of innovation, vulnerability, and resilience in the ever-evolving cybersecurity landscape. NYU Tandon researchers have unveiled an AI agent capable of autonomously tackling cybersecurity challenges, a beacon of hope amidst a sea

Cyber Daily 7/23: UK Bans Ransomware Payments, Chinese Hackers Exploit SharePoint Flaws, Microsoft Scrambles to Patch, Global Cybersecurity Alert

ONSEC Cyber Daily: July 23, 2025. Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is more intense than ever. The United Kingdom has taken a bold step to combat ransomware by banning public sector payments, sending a strong message to cybercriminals worldwide. Meanwhile, a

Cyber Daily 7/24: Microsoft SharePoint Breach, US Nuclear Hack, AI Vulnerabilities, China Exploits

Welcome to today's edition of ONSEC Cyber Daily, where the digital world is under siege. In a dramatic turn of events, a critical SharePoint vulnerability, CVE-2025-53770, with a staggering CVSS score of 9.8, has sent shockwaves through the cybersecurity community. This flaw has not only prompted an

Cyber Daily 7/21: Microsoft Faces Global Cyberattack, SharePoint Zero-Day Exploited, Urgent Patches Issued, 7-Zip Vulnerability Crashes Systems

ONSEC Cyber Daily - July 21, 2025 Welcome to today's edition of ONSEC Cyber Daily, where we unravel the latest in the world of cybersecurity. Today, we delve into a gripping narrative of digital warfare, as Microsoft finds itself at the epicenter of a relentless cyber onslaught. A

Cyber Daily 7/20: SharePoint 0-Day, US Train Brake Flaw, CrushFTP Exploit, Fortinet SQL Injection - A Web of Vulnerabilities Unfolds

ONSEC Cyber Daily: July 20, 2025. Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is more intense than ever. Our top story reveals a chilling narrative of cyber threats that are not just knocking at the door but breaking it down. A newly discovered

Cyber Daily 7/25: Microsoft SharePoint Zero-Day Exploited Globally, Chinese Hackers Deploy Ransomware, US Agencies Targeted, Urgent Patches Released

ONSEC Cyber Daily - July 25, 2025. Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities shaping our digital landscape. Today, we dive into a rapidly escalating cyber campaign that has taken the world by storm. A critical

Cyber Daily 7/22: Microsoft SharePoint Zero-Day Exploited Globally, CISA Issues Urgent Alert, Emergency Patches Released, Agencies Race to Mitigate Vulnerability

Welcome to the ONSEC Cyber Daily for July 22, 2025. Today, we dive into a critical narrative unfolding in the cybersecurity world. A zero-day vulnerability has been discovered in Microsoft SharePoint servers, leading to a wave of global cyberattacks. Microsoft has issued an urgent alert and released emergency patches to

Cyber Daily 7/16: Nvidia GPUs & US Trains Vulnerable, UK Launches Cyber Research, Microsoft Patches 130+ Flaws

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of vulnerabilities threatening our digital and physical worlds. Today, we dive into a chilling narrative of interconnected threats that span from the heart of our technological infrastructure to the very rails that carry our

Cyber Daily 7/17: Vim Vulnerability, AI Phishing, CISA Train Warning, WordPress Alert - A Unified Threat Landscape

Welcome to the ONSEC Cyber Daily, where today's issue unravels a web of vulnerabilities that could redefine your digital safety. From the Vim Command-Line Editor's alarming flaw allowing attackers to overwrite sensitive files, to AI phishing exploits manipulating trust in Gmail and MS 365, the cyber

Cyber Daily 7/15: CitrixBleed 2 Exploits, Train Brake Vulnerability, Gmail Hack Alert, FortiWeb RCE Threats - A Global Cybersecurity Crisis Unfolds

Welcome to the ONSEC Cyber Daily for July 15th, where today's headlines weave a chilling narrative of vulnerabilities and exploits that could redefine the landscape of cybersecurity. As CitrixBleed 2 emerges from the shadows, echoing the chaos of its predecessor, organizations worldwide brace for impact. Meanwhile, a stark

Cyber Daily 7/10: Citrix NetScaler Breach, ServiceNow Vulnerability, Chinese Hackers Target Microsoft, Cyber-Risks in Water Sector

Welcome to the ONSEC Cyber Daily for October 7, 2025. Today's issue weaves a narrative of vulnerabilities and resilience in the ever-evolving cyber landscape. We begin with a critical security alert on Citrix NetScaler, highlighting a vulnerability (CVE-2025-5777) that demands immediate attention. As we delve deeper, the water

Cyber Daily 7/9: Windows Vulnerability Alarms, AI Protocols Under Siege, CISA Alerts on Exploits, CyberArk's Security Insights

Welcome to the ONSEC Cyber Daily for July 9, 2025. Today, we dive into a whirlwind of vulnerabilities shaking the cybersecurity landscape. From a critical Windows flaw causing ripples of concern among experts to the revelation of security gaps in the Agentic AI Protocol, the digital world is on high

Cyber Daily 7/8: CitrixBleed 2 Exploits Unleashed, Australia Urges Action, CISA's New Vulnerability Alerts, Chinese Apps Privacy Risks

Welcome to today's edition of ONSEC Cyber Daily, where the digital landscape is more volatile than ever. As Citrix's Netscaler vulnerabilities deepen with the release of proof-of-concept exploits, organizations worldwide are on high alert. The Australian Cyber Security Centre has issued an urgent "Act Now&

Cyber Daily 7/3: Qantas Breach, ModSecurity WAF Vulnerability, Healthcare Data Risks, Chrome Zero-Day Exploit

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the tangled web of cyber threats lurking in the shadows of our digital world. Today, we dive into a narrative that connects the dots between healthcare's ticking time bomb of data privacy risks and the

Cyber Daily 7/2: Iranian Cyber Threats Target US Infrastructure, Chrome Zero-Day Exploited, Citrix Vulnerabilities Exposed

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and defenses. Today's spotlight is on a looming cyber storm brewing from the East. Iranian cyber actors are sharpening their digital swords, posing a significant threat to U.S.

Cyber Daily 7/1: Iranian Attacks on US Networks, Glasgow Scam Alert, Citrix Vulnerability Exploited, RBI Urges Zero-Trust

In today's edition, we unravel a web of cyber threats that span continents and industries, painting a vivid picture of the digital battlefield. The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on potential Iranian cyberattacks targeting vulnerable U.S. networks, urging heightened vigilance. Meanwhile, Glasgow

Cyber Daily 6/27: CISA Alerts on D-Link, ControlID, HPE, AMI, IBM, Cisco, Citrix Flaws; Cybercriminals Exploit Vulnerabilities in Global Tech Giants

Welcome to the June 27th edition of ONSEC Cyber Daily, where today's headlines weave a tale of vulnerabilities and urgent warnings. The Cybersecurity and Infrastructure Security Agency (CISA) is sounding the alarm on a series of critical vulnerabilities, from D-Link routers to ControlID's iDSecure software, each

Cyber Daily 6/26: CitrixBleed 2 Exploits, Firefox 140 Patch, Iranian Hackers Target US, Patch Cycles vs. Exploit Kits

Welcome to the June 26th edition of ONSEC Cyber Daily, where today's headlines weave a tale of digital intrigue and urgency. As Firefox 140 rolls out a crucial update to patch a code execution vulnerability, the cyber landscape is abuzz with vulnerabilities across platforms, from macOS to Android.

Cyber Daily 6/24: China Exploits Cisco in Canada, Citrix Patches, NCSC Warns on Fortinet, Apple Silently Fixes iOS Flaw

Welcome to the June 24th edition of ONSEC Cyber Daily, where today's headlines weave a tale of global cyber intrigue. The spotlight shines on a China-linked group, Salt Typhoon, exploiting a critical Cisco vulnerability to target Canadian telecoms, prompting urgent advisories from both the Canadian Centre for Cyber

Cyber Daily 6/25: Healthcare Under Siege, CISA's Memory Fix, Notepad++ Exploit, Chinese Salt Typhoon Targets Canada

Welcome to the June 25th edition of ONSEC Cyber Daily, where we unravel the intricate web of cyber threats and vulnerabilities shaping our digital landscape. Today, we delve into the escalating cyber crisis plaguing the healthcare sector, where hospitals and insurers find themselves under siege from relentless cyberattacks. As the

Cyber Daily 6/19: North Korea's Hiring Hack, Fake CAPTCHA Malware, Siemens ICS Alert, Lazarus Hits South Korea

Welcome to the June 19th edition of ONSEC Cyber Daily, where the digital battlefield is ever-evolving, and today's headlines weave a narrative of heightened vigilance and strategic defense. As hiring processes transform into unforeseen cybersecurity vulnerabilities, organizations must brace for the unexpected. The U.S. Department of the

Cyber Daily 6/18: US-Canada Disrupt Ethereum Scam, Tehran's Cyber Retaliation Looms, TP-Link & iOS Flaws Exploited, Chrome Zero-Day Backdoor Threat

Welcome to the June 18th edition of ONSEC Cyber Daily, where we unravel the intricate web of today's most pressing cybersecurity developments. In a groundbreaking move, the US and Canada have joined forces to dismantle a sophisticated Ethereum blockchain "approval phishing" scam, marking a new era

Cyber Daily 6/17: TP-Link & iOS Exploits, Microsoft & Langflow Patches, Sitecore RCE Threats

Welcome to the June 17th edition of ONSEC Cyber Daily, where today's headlines weave a tale of digital urgency and defense. As cyber threats loom large, CISA has sounded the alarm on a critical TP-Link router flaw, CVE-2023-33538, now under active exploitation. Meanwhile, a zero-click vulnerability in iOS

Cyber Daily 6/9: 72% Indian Firms Targeted, AI-Driven Scams Surge, Google Chrome & Windows Vulnerabilities, Patch Tuesday Forecast

Subject: ONSEC Cyber Daily: The AI Threat Lurking in Your Inbox Good Morning, In today's issue of ONSEC Cyber Daily, we delve into the alarming rise of cyberattacks in India, where a staggering 72% of organizations have been targeted. The weapon of choice? Artificial Intelligence (AI), enabling stealthier

Cyber Daily 6/4: Proactive Threat Management Revolution, Safari XSS Flaw, Algerian Hackers Target Morocco, Samsung and Google Patch Critical Vulnerabilities

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the evolving landscape of cybersecurity strategies, where proactive threat management is becoming the new norm. We'll explore how cybercriminals are leveraging advanced persistent threats, AI-driven phishing, and deepfake-based social engineering techniques to breach

Cyber Daily 6/2: iPhone Vulnerability Alert, $37M Crypto Heist Exploiting SIM Flaws, 184M Passwords Leaked, AI Cyber Risks & Patch Management

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlpool of vulnerabilities, cyber threats, and the evolving landscape of cybersecurity. First up, a red alert for all iPhone users: Safe Data Storage has issued a warning about a potential vulnerability in your devices. Don't

Cyber Daily 6/6: Wireshark, IBM Tivoli Vulnerabilities; Android 13+ Malware Bypass; TSA, Google Cybersecurity Warnings; Cisco, VMware, HPE, Qualcomm Patches; Heimdal Podcast

Welcome to today's issue of ONSEC Cyber Daily, where we're diving into the latest cybersecurity threats and defenses. We're starting with a critical Wireshark vulnerability that could enable DoS attacks through malicious packet injection. Meanwhile, Android 13+ is under threat as cybercriminals use malware

Cyber Daily 6/5: EU's New Vulnerability Database, Neuroscience Battles Alert Fatigue, Cisco's IOS XE Flaw, CISA's ICS Advisories, Google's Emergency Chrome Patch, Qualcomm's Security Flaws

Welcome to the latest issue of ONSEC Cyber Daily, your one-stop source for all things cybersecurity. Today, we're diving into the EU's new European Vulnerability Database (EUVD), a significant step towards enhancing cybersecurity and supporting risk assessment and incident response. But it's not just

Cyber Daily 6/3: Linux Passwords at Risk, SMEs Face Unprecedented Attacks, Critical Vulnerabilities in vBulletin and Consilium Fire Panel, Qualcomm Urges Patching of Adreno GPU Flaws

Welcome to the ONSEC Cyber Daily for June 3rd, 2025. Today, we're navigating the sea of alerts to prioritize vulnerabilities that are making waves in the cybersecurity landscape. Small and medium-sized enterprises (SMEs) are under siege, with unprecedented cyberattacks threatening their operations. Veteran cybersecurity writer, Davey Winder, warns

Cyber Daily 5/30: Santesoft Vulnerability, Urgent iOS Update, NHS Cyberattacks, Asus Router Compromise, Google Chrome Patch, Podcast Highlights

Welcome to your ONSEC Cyber Daily for May 30th. Today, we're diving into a whirlwind of vulnerabilities, patches, and cyberattacks that are shaking the tech world. First up, we have a critical vulnerability in Santesoft's Sante DICOM Viewer Pro that could allow attackers to disclose information

Cyber Daily 5/29: Toll Fee Scams Alert, XenServer VM Flaw, WooCommerce Plugin Vulnerability, Ivanti NHS Data Risk, Pakistan's Massive Data Breach, Google Chrome & ASUS Updates

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a series of alarming cybersecurity developments that have surfaced across the globe. First up, we're discussing a new warning issued over toll fee scams, a deceptive practice that's causing havoc for unsuspecting victims. In

Cyber Daily 5/28: DragonForce Ransomware Exploits SimpleHelp, Pakistan's 180M User Data Breach, Microsoft's Critical Security Flaws, Adobe's Remote Code Execution Vulnerability

Welcome to your daily dose of ONSEC Cyber Daily, where we bring you the most critical cybersecurity updates. Today, we're diving into the world of ransomware, as DragonForce hackers exploit SimpleHelp vulnerabilities. We'll also be discussing the appointment of Shane Barney as the new Chief Information

Cyber Daily 5/27: Chinese Hackers Target US via Cityworks Exploit, vBulletin Forum Vulnerability Exposed, India's Microsoft Security Alert, Oracle TNS Flaw, Patch Updates for Ivanti, Fortinet, Linux Kernel

Good Morning ONSEC Cyber Daily Readers, In today's issue, we're diving into a series of critical cybersecurity alerts and vulnerabilities that are making headlines. Chinese hackers are exploiting a 0-Day vulnerability in Cityworks, a platform widely used by US local governments. This comes as Cisco Talos

Cyber Daily 5/22: Apple's AirBorne Flaw Threatens iPhones, Attaxion Teams Up with ENISA, SideWinder Exploits Legacy Office Vulnerabilities, Cybersecurity Podcasts Gain Traction

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we're sounding the alarm on a massive security flaw found in Apple devices. The vulnerability, ominously dubbed "AirBorne," has security researchers urging iPhone users to disable

Cyber Daily 5/19: Ankit Tiwari Cyber Attack, High-Severity Alert for Chrome Users, AI Widening Cybersecurity Gaps in Morocco, Microsoft Patches Exploited Vulnerabilities

Subject: ONSEC Cyber Daily - Celebrity Cyber Attack, Chrome Alert, AI Cybersecurity Gaps, and More Hello ONSEC readers, In today's issue, we're hitting some high notes with a story about a cyber attack against popular Indian singer, Ankit Tiwari. As India faces increasing geopolitical tensions, cybercriminals

Cyber Daily 5/23: Firefox, Chrome Vulnerabilities Alert by NCERT, German Cyber Agency Warns of Grid Threats, WhatsApp Security Flaws, Chinese Hackers Exploit Cityworks Bug, Multiple CVEs Patched

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where vulnerabilities are lurking in every corner. From Firefox and Chrome being susceptible to cyber threats, as warned by NCERT, to the German Federal Office for Information Security sounding the alarm on grid

Cyber Daily 5/21: FBI Warns of Router Exploits, National Defense at Cyber Risk, AI in Telecom Cybersecurity, Multiple CVE Patches, Cybersecurity Podcasts Trending

Good morning ONSEC Cyber Daily readers! In today's issue, we're diving into the deep end of cybersecurity, starting with the increasing risks to national defense from cyberattacks. We'll explore how the FBI is warning of cyber actors exploiting end-of-life routers, a threat that hit

Cyber Daily 5/20: iPhone AirPlay Flaws, UK's AI Cybersecurity Codes, Healthcare Cyber Threats, CISA Alerts Discontinued, Toaster Hacking in UK, Google Chrome Vulnerabilities, EU's Vulnerability Database, Patch Tuesday Updates, Cybersecurity Podcasts

Welcome to your ONSEC Cyber Daily dose for May 20th. Today, we're diving into a sea of vulnerabilities and warnings that are making waves across the globe. First up, iPhone users, beware! A critical flaw has been discovered in Apple's AirPlay feature, putting 1.8 billion

Cyber Daily 5/16: SonicWall and Ivanti Vulnerabilities, CISA Alerts on Windows and Fortinet Exploits, Google and India Warn Android Users

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a whirlwind of vulnerabilities and patches that have been making waves in the cyber world. SonicWall has confirmed an encoded URL server-side request forgery vulnerability, while the Australian Signals Directorate (ASD) has issued an alert

Cyber Daily 5/15: SK audits for vulnerabilities, ASD alerts on Ivanti Endpoint Manager, FBI warns on router risks, UAE acts on Microsoft flaws, Patch Tuesday tackles multiple CVEs

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where cybersecurity vulnerabilities are being audited, alerts are being issued, and urgent warnings are being sounded. From SK's decision to audit all affiliates for cybersecurity vulnerabilities to the Australian Signals Directorate&

Cyber Daily 5/14: CISA Warns of TeleMessage Vulnerability, Chinese Hackers Exploit SAP, Oracle Cloud Hosts eQure's Cybersecurity Platform, EU Launches Vulnerability Database

Welcome to today's issue of ONSEC Cyber Daily. We're diving into the world of cybersecurity, where vulnerabilities are the name of the game. From the CISA warning about a TeleMessage vulnerability to the launch of eQure's Ground-Truth Cybersecurity Platform on Oracle Cloud Infrastructure, it&

Cyber Daily 5/13: FBI and Indian Govt Warn of Cyber Vulnerabilities, Automation in Vulnerability Management, Proxy Botnets Takedown, Apple and Asus Patch Critical Flaws

Welcome to your daily dose of ONSEC Cyber Daily, where we keep you updated on the latest cybersecurity news. Today, the FBI has issued a major warning for phone and computer users, highlighting the risk of cyber actors exploiting known vulnerabilities. This comes on the heels of an alert from

Cyber Daily 5/9: FBI Warns of Old Router Vulnerabilities, UK Encryption Backdoor Sparks Concern, Microsoft Bookings and Cisco IOS Vulnerabilities, AI Supercharges Cyber Threats

Welcome to the ONSEC Cyber Daily! Today's issue is a wake-up call for all of us. The FBI has warned that old routers are vulnerable to hackers, and proxy services like Anyproxy and 5Socks have been accused of aiding cybercriminals. Meanwhile, US lawmakers are slamming the UK'

Cyber Daily 5/8: End of Life Routers Exploited, IBM Cognos Analytics Vulnerability, Rising Threats to OT Systems, SAP NetWeaver Under Attack

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we delve into the world of cybercriminals exploiting end-of-life routers and the vulnerabilities they leave behind. We'll also discuss the critical security advisory issued by IBM regarding its Cognos Analytics platform. In

Cyber Daily 5/7: BTMOB RAT Threatens Moroccan Users, Retailers Bolster Cybersecurity, Android's Critical Patch for CVE-2025-27363, Exploited Vulnerabilities in Samsung and SonicWall

Welcome to today's issue of ONSEC Cyber Daily. We're diving deep into the world of cyber threats and vulnerabilities, starting with the BTMOB RAT virus that's causing havoc for Moroccan users. We'll explore how cybercriminals are using this "Malware-as-a-Service" to

Cyber Daily 5/6: CISA Alerts on Langflow Exploit, Cyber Onslaught on Indian Defence, SonicBoom Bypasses Login, Google & MediaTek Patch Flaws, AI in Medical Device Security

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a series of alerts and vulnerabilities that are shaking up the cybersecurity landscape. First up, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about an actively exploited vulnerability in Langflow. This

Cyber Daily 5/1: SAP, M&S, Co-op Vulnerabilities, DNA Hacking Threats, CISA's Broadcom, Commvault Alert, AI in Cybersecurity, Apple AirPlay Patch, Cybersecurity Podcasts

Welcome to the 5/1 issue of ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into the growing challenge of managing cybersecurity fatigue among CISOs and their teams. We'll also be discussing the recent security alert regarding the SAP

Cyber Daily 5/2: M&S Cyber Attack Disrupts Supply, SonicWall VPN Exploits, SK Telecom Breach Linked to China, World Password Day Insights, Tesla & Netgear Vulnerabilities Patched

Welcome to the May 2nd edition of ONSEC Cyber Daily, your daily dose of cybersecurity news and updates. Today, we delve into the major cyber attack that left M&S Percy Pig fans in disarray and exposed critical vulnerabilities. We also explore the new wave of VPN exploits targeting

Cyber Daily 4/30: NetApp Boosts Storage Layer Security, Cybersecurity Firms Under Siege, CISA Alerts on Commvault, Brocade Vulnerabilities, Chrome and Apache Patch Updates

Welcome to your daily dose of cybersecurity updates from ONSEC Cyber Daily. Today, we delve into the escalating threats in the cyber world, with NetApp advancing cybersecurity at the storage layer to counter automated attacks and the advent of quantum computing. However, even cybersecurity companies are not immune to these

Cyber Daily 4/29: JPMorgan CISO's RSA Warning, Blackpoint Cyber's Unified Security, SOCRadar's AI Operations, Ivanti VPNs' Scanning Surge, Aussie SMEs' Digital Threats, Craft CMS & SAP NetWeaver Exploits, CISA Alerts on Planet Tech, Podcast Insights

Welcome to your ONSEC Cyber Daily dose for April 29. Today, we're diving into the deep end of the cybersecurity pool. We kick off with a warning shot from JPMorgan Chase's CISO ahead of the RSA Conference, highlighting the increasing pressure on CISOs to stay ahead

Cyber Daily 4/25: Ivanti VPN Exploits Surge, AMI and Redis Patch Critical Flaws, NVIDIA and Microsoft Vulnerabilities Exposed, Podcasts Highlight Cybersecurity Trends

Welcome to your daily dose of cyber insights, ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and exploits, as we've seen a significant spike in the first few months of 2025. VulnCheck has spotted 159 actively exploited vulnerabilities, with a warning about increased

Cyber Daily 4/24: Armis Warns of AI-Powered Cyberwarfare, CISA Flags Critical ICS Vulnerabilities, Patching CVEs in Focus, Cybersecurity Podcasts Trending

Welcome to your daily dose of cyber security news from ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and patches, with a focus on the critical threats that are making headlines. Armis is offering free access to its real-time cyber threat database, a move that

Cyber Daily 4/23: Financial Sector Cybersecurity Warnings, PyTorch and Windows Update Vulnerabilities, Morocco Cyberattacks, ASUS AiCloud Flaw, Podcasts on Cybersecurity

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with vital cybersecurity updates that you can't afford to miss. The financial sector is under siege, with experts warning of increasing and sophisticated cyberattacks. We delve into the discovery of a remote code execution bug in

Cyber Daily 4/22: WinZip and ASUS AiCloud Vulnerabilities, AI Security Blindspots, Moroccan WordPress Plugin Breach, Deepfake CEO Threats

Welcome to your ONSEC Cyber Daily for April 22nd. Today, we're diving into a whirlwind of vulnerabilities and exploits that are keeping cybersecurity professionals on their toes. First up, we have a critical vulnerability in WinZip that could allow hackers to execute malicious code silently, bypassing Windows'

Cyber Daily 4/18: Oracle Cloud Credential Leak, Cisco Webex and SonicWall Vulnerabilities, Apple's Urgent Update, CVE-2025-24054 Attack, Patching Frenzy

Welcome to the ONSEC Cyber Daily for April 18th. Today's issue is packed with critical updates and alerts. The Cybersecurity and Infrastructure Security Agency (CISA) has been busy issuing warnings about vulnerabilities in legacy Oracle systems, Cisco Webex, and SonicWall. Apple is urging iPhone users to update their

Cyber Daily 4/17: US Agency Saves MITRE's Vulnerability Database, CISA Adds Exploited Vulnerability to Catalog, Morocco Warns of WhatsApp Flaw, Critical Patches for Apple, Microsoft, Oracle

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates from the cybersecurity world. In a last-minute reversal, the US agency has extended support for the cyber vulnerability database, averting a potential lapse in a program that plays a critical role in our cyber defenses.

Cyber Daily 4/16: MITRE's CVE Oversight Ends, Global Cybersecurity at Risk, Morocco's Major Data Leak, WhatsApp Users Alerted, Incomplete NVIDIA Patch, Hertz Data Stolen in Cleo Attacks

Welcome to your ONSEC Cyber Daily for April 16. Today, we're diving into the potential global cybersecurity crisis as MITRE's CVE oversight ends due to a lapse in the U.S. government contract. This could leave a gap in vulnerability tracking that nation-state actors and cybercriminal

Cyber Daily 4/15: CentreStack Vulnerability Impact on MSSPs, Fortinet Zero-Day Bug, Android Users at High Risk, WhatsApp Security Flaws, Google Chrome Bug, Galaxy S24 Vulnerability, Windows 11 Update, Incomplete NVIDIA Patch

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights on the latest cybersecurity threats and vulnerabilities. We start with a deep dive into the CentreStack vulnerability and what it means for MSSPs and MSPs. As AI defenses evolve, so do AI cyberthreats,

Cyber Daily 4/11: WhatsApp Vulnerability Alert in India, Dell's Critical PowerScale Flaws, SonicWall's Multiple Patches, CentreStack Breach, Microsoft's Zero-Day Patch

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we delve into the high-risk warning issued by CERT-In for WhatsApp Desktop app users, highlighting the potential vulnerability that could allow cybercriminals to steal your personal information. We also explore

Cyber Daily 4/10: China's Android Surveillance, WhatsApp Bug Alert, Microsoft's 125 Windows Patches, Active Exploits on CentreStack Vulnerability

Welcome to the ONSEC Cyber Daily for April 10th, where we bring you the latest news in the world of cybersecurity. Today, we're focusing on a wave of vulnerabilities and patches that are making headlines. China is pushing surveillance via Android apps, raising concerns about privacy and security.

Cyber Daily 4/9: WhatsApp Users Warned of Hacking Risk, CyberSmart Expert Weighs In; CISA Alerts on Zoom, Ivanti, and Google Vulnerabilities; Patch Tuesday Reveals 121 Microsoft Flaws

Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a series of critical alerts and warnings that have been issued across the cyber landscape. First up, WhatsApp users are being urged to update their settings to avoid falling victim to potential hacks. This warning

Cyber Daily 4/8: ToddyCat Exploits ESET Vulnerability, WinRAR Flaw Bypasses Windows Security, Python JSON Logger Vulnerability Exposed, Google Patches Android Zero-Days

Welcome to your daily dose of ONSEC Cyber Daily. Today, we delve into the world of cyber vulnerabilities and the relentless efforts of cybercriminals to exploit them. We kick off with the ToddyCat APT group, who have cleverly exploited a vulnerability in ESET's Command Line Scanner to conceal

Cyber Daily 4/7: High-Risk Alert for Google Chrome Users, 200M Records Exposed in Massive Breach, Palo Alto Networks Probed, Ivanti Vulnerability Patched, Cisco Utility Exploited

Hello ONSEC readers, Welcome to today’s edition of ONSEC Cyber Daily, where we spotlight the latest high-risk alerts, massive data breaches, and critical vulnerabilities shaking the cybersecurity landscape. First, a high-risk alert has been issued for Google Chrome users, urging immediate updates to defend against escalating threats. Cyber hygiene

Cyber Daily 4/4: Chinese Hackers Exploit Ivanti Vulnerability, Cisco CSLU Flaw Under Attack, WinRAR and Google Quick Share Vulnerabilities, Australia-Philippines Cybercrime Partnership

Good morning ONSEC Cyber Daily readers! Today's newsletter is packed with critical updates and alerts that you can't afford to miss. Chinese hackers are on the prowl, actively exploiting an Ivanti Connect Secure vulnerability. Meanwhile, Cisco is sounding the alarm over the active exploitation of a

Cyber Daily 4/3: Critical CrushFTP Vulnerability Exploited, Apple's iOS 18.4 Security Alert, Ivanti Bug Alert by CISA, NSA Warns iPhone and Android Users, Canon Printer Drivers Vulnerability, Kaspersky Patches Chrome Flaw

Welcome to the latest issue of ONSEC Cyber Daily! Today, we're diving into a series of critical vulnerabilities and security warnings that are making waves in the cybersecurity world. First up, we're looking at the ongoing intrusions involving the CrushFTP vulnerability, a critical issue that'

Cyber Daily 4/2: Cowbell's Cybersecurity Expansion, Malaysian Airport Ransomware Alert, Kentico Xperience CMS XSS Vulnerability, Apple's 0-Day Warnings, Cisco and Apple CVE Updates

Welcome to the ONSEC Cyber Daily for April 2nd! Today, we're diving into a whirlwind of cybersecurity updates and alerts. We start with Cowbell's expansion of its cybersecurity platform, integrating vulnerability scanners from Tenable, Qualys, and Rapid7. This move is a significant step towards strengthening cyber

Cyber Daily 4/1: Bitdefender Debrief, OpenSSH Vulnerability, Ivanti Zero-Day Alert, BDSM App Breach, Google Chrome Update, NSA iPhone Warning, Next.js Flaw, Chrome 0-Day, Ivanti Bug, Kubernetes Vulnerability

Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and warnings that have been making waves in the cyber world. We begin with Bitdefender's March 2025 Threat Debrief, which highlights the relentless pursuit of cybercriminals in finding

Cyber Daily 3/28: Mozilla Patches Windows, Chrome Zero-Day Exploit, Kuala Lumpur Airport Cyberattack, Akira Ransomware Bypasses EDR, New macOS Malware Emerges

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cybersecurity updates and alerts that have been making headlines. First off, Mozilla has released an urgent patch for Windows in response to the Chrome Zero-Day Exploit. This comes as the Kuala Lumpur Airport is hit

Cyber Daily 3/27: Next.js Middleware Vulnerability, Active SAP Exploitation, DrayTek Router Issues, Chrome's CVE-2025-2783 Patch, Ghostscript Threats

Welcome to your daily dose of ONSEC Cyber Daily, where we bring you the most critical cybersecurity updates. Today, we're unraveling a web of vulnerabilities and patches that have been making waves in the cybersecurity world. First up, we have a middleware vulnerability in Next.js (CVE-2025-29227) that

Cyber Daily 3/26: Google's Chrome Patch for Russian Espionage, DrayTek Router Vulnerabilities, Kubernetes Ingress-NGINX Flaws, Ukraine Infrastructure Attacks

Welcome to your ONSEC Cyber Daily dose for March 26th. Today, we're diving into a whirlwind of cyber threats and security patches. Google has released a Chrome patch to counter an exploit used in Russian espionage attacks, while DrayTek routers are under active exploitation due to vulnerabilities disclosed

Cyber Daily 3/25: FBI Warns of Threats to Hospitals, Ukraine Defense Sector Under Attack, Critical Vulnerabilities in Next.js, Kubernetes, Cisco CSLU, and Veeam Software

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cyber threats and vulnerabilities that are shaking up the digital landscape. The FBI and healthcare agencies have issued a stern warning about a credible threat against hospitals, following a multi-city social media terror plot alert.

Cyber Daily 3/21: Veeam and IBM Patch High-Risk Flaws, Google Chrome Users Warned of Cyber Threats, Dell and CISA Alert on Vulnerabilities, Chinese Hackers Exploit Exchange Vulnerabilities

Good morning, ONSEC Cyber Daily readers! In today's issue, we're diving into a sea of vulnerabilities and patches. We start with Veeam's critical update patching a backup software vulnerability, a move that has sent ripples across the information security sector. But it's

Cyber Daily 3/20: Clovis Scam, FBI Warns of Gmail and Outlook Attacks, Microsoft Alerts on StilachiRAT, CISA Highlights Fortinet and GitHub Vulnerabilities, CERT NZ Advises on Apache Tomcat

Welcome to your ONSEC Cyber Daily dose for March 20. Today, we're diving into a series of alarming cybersecurity incidents and vulnerabilities that are making headlines. Starting off in Clovis, where residents have fallen victim to a scam that has seen over $230K stolen. This incident serves as

Cyber Daily 3/19: SquareX Exposes Browser Vulnerabilities, CISA Adds Exploited Flaws to Catalog, AMI BMC and DeepSeek AI Vulnerabilities Raise Concerns, Google and Linux Patch Critical Issues

Welcome to your daily dose of ONSEC Cyber Daily! Today, we're diving into the world of cyber vulnerabilities and the steps being taken to combat them. SquareX's "Year of Browser Bugs" project is shining a light on critical cybersecurity blind spots, while Google launches

Cyber Daily 3/18: Samsung's 7-Day Update Deadline, TP-Link and GitHub Vulnerabilities, Remote Hacks on Commercial Vehicles, Microsoft and Adobe Patching Critical Flaws

Welcome to the ONSEC Cyber Daily for March 18, 2025. Today, we're diving into a sea of vulnerabilities and patches. Samsung is facing an impossible deadline, urging users to update their phones within 7 days to avoid potential disasters. Meanwhile, the job market is buzzing with opportunities for

Cyber Daily 3/14: Win32 Bug Exploited for Two Years, Aptori's AI Reduces Risk, Security Cameras Hijacked into Botnet, CISA Warns of Juniper and Medusa Threats

Welcome to the ONSEC Cyber Daily for March 14th. Today, we're diving into a whirlwind of cyber threats and vulnerabilities that have been making headlines. We start with a two-year-old Win32 bug that malicious actors have been exploiting, despite its recent fix. This high-severity zero-day vulnerability in the

Cyber Daily 3/13: iOS 18.3.2 Warning for iPhone Users, Windows Zero-Day Attacks, CISA Alerts on NTFS Exploit, Microsoft and Apple Patch Critical CVEs

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest cybersecurity news. Today, we're diving into a series of critical updates and warnings issued for both Apple and Microsoft users. Apple has released an urgent update for iOS 18.3.2, following the discovery of an

Cyber Daily 3/12: CISA Warns of Microsoft Windows MMC Exploit, Cybersecurity Burnout Crisis, ArmorCode's New Partner Program, Google Chrome's Critical Vulnerabilities, Apple and Microsoft's Urgent Patches

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with crucial updates from the cybersecurity world. The CISA has issued an alert on the active exploitation of a Microsoft Windows MMC vulnerability, reminding us of the constant battle against cyber threats. Meanwhile, the cybersecurity sector is grappling

Cyber Daily 3/11: Security Cameras Hijacked into Botnet, Widespread PHP Vulnerability Attacks, Bluetooth Chip Identity Theft, Federal Contractor Vulnerability Disclosure Program

Good morning ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights from the cybersecurity world. We kick off with a warning about a top security camera maker's devices being hijacked into a botnet, a result of cybercriminals exploiting a command injection vulnerability.

Cyber Daily 3/7: IVF, Genea Under Attack, Microsoft Battles Storm-2139, VMware Zero-Days Exploited, Telegram Vulnerability, Hitachi Energy Security Issues

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a series of critical cyber threats and vulnerabilities that are making headlines across the globe. First up, we're looking at the recent IVF cyber attack in Australia,

Cyber Daily 3/6: Google and CISA Alert on Android and VMware Exploits, Vim Vulnerability Allows Code Execution, AI Soft Unveils Alli AI

Welcome to the ONSEC Cyber Daily newsletter for March 6th. Today, we're diving into a series of vulnerabilities that have been making waves in the cybersecurity world. First up, we have a newly discovered Vim vulnerability (CVE-2025-27423) that allows code execution via malicious TAR archives. This is a

Cyber Daily 3/5: Google and VMware Race to Patch Critical Vulnerabilities, CISA Adds New Exploits to Catalog, Chinese Cyber Espionage on the Rise

Welcome to today's issue of ONSEC Cyber Daily. We're diving into a whirlwind of warnings, vulnerabilities, and urgent patches that are making waves in the cybersecurity landscape. Google has set a 20-day deadline for Android users to update their phones due to an unspecified vulnerability, CVE-2024-43093,

Cyber Daily 3/4: CISA Warns of Cisco, Progress WhatsUp Gold Vulnerabilities, Ransomware Gangs Monitor CISA Catalog, Google and Samsung Patch Android Flaws

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a whirlwind of cybersecurity threats and vulnerabilities that are keeping the digital world on its toes. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent warnings about a Progress WhatsUp Gold Path

Cyber Daily 2/28: Chinese Espionage Facilitates RA World Ransomware, AI in Cybersecurity, Maritime Industry's Cyber Vulnerabilities, Microsoft Copilot Warning, iPhone Data at Risk, GitLab and LibreOffice Patches

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the murky depths of cyberespionage, as malicious actors leverage a tool linked to a Chinese operation to facilitate a ransomware intrusion against an Asian software firm. We'll explore how AI can be responsibly

Cyber Daily 2/27: Telegram's Law Enforcement Cooperation, Ivanti's Vulnerability, Microsoft and Synacor's Zero-Days, WordPress Plugin Threat

Welcome to today's issue of ONSEC Cyber Daily, where we bring you the latest and most impactful cybersecurity news. Today, we delve into the changing cybercrime landscape as Telegram starts cooperating with law enforcement, pushing malicious actors to seek other platforms. We also examine the increasing efficiency of

Cyber Daily 2/26: Adobe and Oracle Under Attack, Cisco Routers Exploited, Google Warns of Phishing in Education, UK Vulnerability Reporting Criticized

Good morning, ONSEC Cyber Daily readers! Today's issue is packed with critical updates and insights from the cybersecurity world. We start with a warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about increased cyberattacks targeting Adobe ColdFusion and Oracle Agile PLM. The attackers are exploiting

Cyber Daily 2/25: FBI & CISA Warn of Ghost Ransomware, Microsoft & Oracle Vulnerabilities Exploited, Parallels Desktop Zero-Day Bug, Podcasts on AI in Cybersecurity

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a global warning from the FBI and CISA about the Ghost ransomware threats that are haunting the cyber world. We'll explore how these cyber specters are exploiting

Cyber Daily 2/21: Ghost Ransomware Threatens 70+ Nations, CISA Warns of SonicWall and Palo Alto Bugs, Europe's Cyber Vulnerability Exposed, Microsoft and NVIDIA Patch Critical Flaws

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the chilling world of Ghost Ransomware. The National Law Review has released a joint cybersecurity advisory on this menacing threat that's exploiting vulnerabilities in over 70 countries. The Cybersecurity and Infrastructure Security Agency

Cyber Daily 2/20: Ghost/Cring Ransomware Alert by FBI, CISA; Insight Partners Cyberattack; Palo Alto, SonicWall Vulnerabilities; Weak Passwords Warning; Cybersecurity Podcast Highlights

Welcome to the ONSEC Cyber Daily newsletter for February 20, 2025. Today, we're diving into a flurry of cyber threats and vulnerabilities that have been making headlines. The FBI and CISA have issued an alert regarding the recent surge in Ghost/Cring ransomware activity. This comes on the

Cyber Daily 2/18: CISA Alerts on Apple iOS and Buffer Overflow Exploits, Android Follows iPhone's Security Steps, US Treasury Targeted via PostgreSQL, SonicWall Firewalls Under Attack

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving deep into the world of cybersecurity, where vulnerabilities are exploited and the battle to secure our digital landscape is relentless. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a critical

Cyber Daily 2/14: Palo Alto Networks Patches PAN-OS Exploit, CISA & FBI Alert on Buffer Overflow Vulnerabilities, US Coast Guard Urged to Strengthen Cybersecurity, FedEx Warns of New Scams

Happy Valentine’s Day! Welcome to your ONSEC Cyber Daily newsletter for February 14th. Today, we're diving into a sea of vulnerabilities and patches, with a focus on the recent Palo Alto Networks authentication bypass exploit in PAN-OS software. This vulnerability, tracked as CVE-2025-0108, has a CVSS score

Cyber Daily 2/13: CISA, FBI Warn of Buffer Overflow Threats, Google Chrome's 'Syncjacking' Attack, Apple's Global Security Update, SonicWall VPN Hijacking Risk, US Ports Vulnerable to Cyber Attacks

Welcome to today's issue of ONSEC Cyber Daily. We're diving into a whirlwind of cybersecurity threats and vulnerabilities that have been making headlines. The CISA and FBI have issued a stern warning about the exploitation of Buffer Overflow Vulnerabilities, a threat that's been echoed

Cyber Daily 2/12: Fortinet's Zero-Day Warning, OpenSSL Vulnerability, Apple's iPhone Security Breach, Solar Power Cyberattacks, Microsoft's Urgent Patch

Good morning, ONSEC Cyber Daily readers! Today's newsletter is packed with critical updates and alerts that you need to know. We start off with a significant vulnerability in Satellite Weather software that allows attackers to execute code remotely. Cybersecurity firm Fortinet has issued an urgent warning about this

Cyber Daily 2/11: Ubuntu and Skibidi Vulnerabilities, UK's New Cyberattack Scale, Swiss Aviation Warnings, Apple and Trimble Patches, Podcast Insights

Welcome to your daily dose of cybersecurity news, brought to you by ONSEC Cyber Daily. Today, we're diving into a series of vulnerabilities that have been making waves in the tech world. First up, we're looking at a concerning Ubuntu printing vulnerability that could allow attackers

Cyber Daily 2/10: Critical Zimbra Flaws, Outlook Vulnerability, Android Patch by Google, Cybersecurity Podcasts Trending

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a series of critical vulnerabilities that have been making waves in the cybersecurity world. First up, we're looking at Zimbra, where flaws have been discovered that could allow attackers to gain unauthorized access to sensitive data.

Cyber Daily 2/7: CISA Warns of Linux Kernel and Microsoft Outlook Exploits, Cyberespionage Targets 7-Zip, Veeam and AnyDesk Vulnerabilities Addressed

Welcome to today's issue of ONSEC Cyber Daily! In this edition, we're diving into the latest cybersecurity threats and vulnerabilities that are making headlines. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a Linux Kernel flaw that's being

Cyber Daily 2/6: Rockwell Automation, Apple, Chrome Vulnerabilities; CISA, Singapore CSA Alerts; Zyxel, Netgear, Samsung Patch Woes; Cybersecurity Podcast Insights

Welcome to today's issue of ONSEC Cyber Daily. We're diving into a whirlwind of critical vulnerabilities and urgent security alerts. Rockwell Automation FactoryTalk View Machine Edition is under the spotlight with a critical vulnerability that demands immediate attention. Meanwhile, the Cyber Security Agency of Singapore is

Cyber Daily 2/5: CISA's Edge Threat Guidance, XE Group's Supply Chain Threat, Retail Workforce Vulnerability, Russian Exploitation of 7-Zip Zero-Day, AMD and Microsoft Patch Updates

Welcome to today's issue of ONSEC Cyber Daily! In this edition, we delve into the latest cybersecurity threats and vulnerabilities that are making headlines. The Cybersecurity and Infrastructure Security Agency (CISA) has issued fresh guidance on edge threats, highlighting the need for robust network security. Meanwhile, the XE