Welcome to this week’s edition of ONSEC’s Cybersecurity Newsletter! Stay informed with the latest ?? Exploits Alert, ??? Vulnerabilities & Patches, and top ?? Cybersecurity Podcasts to help you stay ahead of emerging threats.
- Google Chrome Vulnerabilities Warning for Windows, Mac Users India’s cybersecurity watchdog, CERT-In, has issued a warning about two critical vulnerabilities in Google Chrome that hackers could exploit. Users should update to the latest version immediately. Source: Kashmir Reader
- Cyber Security Alert in Pakistan The National Telecom and Information Technology Security Board (NTISB) has warned of a surge in cyberattacks targeting the country’s infrastructure. Source: Pakistan Observer
- Browser Extensions Used to Steal Data of Pakistanis Popular browser extensions are being leveraged for cyberattacks to steal user data in Pakistan. Users should review installed extensions and remove any unverified add-ons. Source: Techlist
- Chinese AI App DeepSeek Cyberattack The AI application DeepSeek has limited registrations following a large-scale cyberattack. Investigations are ongoing. Source: South China Morning Post
- SonicWall Vulnerability in SMA 1000 Series Appliances A critical vulnerability in SonicWall’s SMA 1000 series is being actively exploited by attackers. Source: Cybersecurity Dive
- Samsung January 2025 Security Update Samsung has released an update fixing 22 SVEs affecting multiple devices. Users are strongly encouraged to install the latest patch. Source: Evrim A?ac?
- iOS 18.3 Released With Urgent Security Fixes Apple has patched multiple security flaws in iOS 18.3, including an actively exploited vulnerability (CVE-2025-24085). Update now! Source: Benzinga
- Microsoft Patches Critical BitLocker Vulnerability Microsoft’s January update includes a patch for "CrashXTS" (CVE-2025-21210), a BitLocker vulnerability that could enable data extraction. Source: CyberKendra
- Zyxel CPE Devices Active Exploitation A zero-day vulnerability in Zyxel CPE Series devices is being exploited in the wild. Users should apply security updates as soon as available. Source: The Hacker News
- SonicWall SMA Zero-Day Attacks (CVE-2025-23006) A CVSS 9.8 severity flaw in SonicWall SMA appliances is being used in zero-day attacks. Immediate patching is required. Source: Hackread
- Cyber Security Sauna – A deep dive into cybersecurity trends and expert insights. Source: F-Secure
- Darknet Diaries – Captivating real-life stories about hackers, cybercrime, and data breaches. Source: Darknet Diaries
- CISO Series – The Hardest Problems in Security Aren’t "Security Problems" Discusses why major cybersecurity challenges are often not just security issues but business and operational dilemmas. Source: CISO Series
- Inside the Mind of State-Sponsored Cyberattackers An in-depth analysis of state-backed cyber threats, their motivations, and their impact on global security. Source: CyberWire
- Navigating the Cybersecurity Tightrope A CISO’s perspective on balancing security budgets, business priorities, and emerging tech. Source: TechSpective
That’s it for this week! Stay vigilant and apply those patches.
?? Follow us for real-time cybersecurity updates!
