ONSEC Weekly Cybersecurity Newsletter

Welcome to this week’s edition of ONSEC’s Cybersecurity Newsletter! Stay informed with the latest ?? Exploits Alert, ??? Vulnerabilities & Patches, and top ?? Cybersecurity Podcasts to help you stay ahead of emerging threats.

?? Exploits Alert

FBI & CISA Warn of Ghost Ransomware Threats Worldwide The FBI and CISA have issued a joint advisory warning of malicious cyber activities involving the Ghost ransomware group. Organizations are urged to strengthen their defenses and address known vulnerabilities. Source: SecurityBrief Australia

Microsoft Power Pages Vulnerability Exploited in the Wild A security flaw in Microsoft Power Pages is being actively exploited. Cybersecurity professionals are encouraged to take immediate action to mitigate risks. Source: Cybersecurity Dive

Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Cybercriminals are leveraging a remote code execution (RCE) vulnerability in Cisco Small Business Routers to deploy a webshell, potentially using them as attack relays. Source: GBHackers

Chinese Cyberespionage Operation Facilitates Ransomware Intrusions A tool linked to a Chinese cyberespionage operation was recently used to facilitate a ransomware attack on an Asian software company, raising concerns over advanced persistent threats. Source: ChannelE2E

Google Issues Warning on Phishing Campaigns Targeting Higher Education Institutions Google has issued a warning about phishing campaigns targeting higher education institutions, as cybercriminals exploit weaknesses in security protocols. Source: GBHackers

?? Vulnerabilities & Patches

Parallels Desktop 0-Day Exploit Enables Root Privileges A new vulnerability CVE-2024-34331 in Parallels Desktop allows attackers to bypass patch verification and gain root privileges. A proof of concept has been released. Source: GBHackers

Oracle Agile Vulnerability Actively Exploited CISA has issued a warning about an actively exploited deserialization vulnerability CVE-2024-20953 in Oracle Agile Product. Immediate patching is recommended. Source: GBHackers

Microsoft Fixes 56 Vulnerabilities in February 2025 Patch Microsoft’s latest patch addresses multiple vulnerabilities, including a heap-based buffer overflow CVE-2025-21418 in the Windows Ancillary Function Driver AFD. Source: SecurityBrief Australia

Palo Alto Networks Firewall Exploitation Attempts Detected Threat actors are actively exploiting a file read flaw in Palo Alto Networks’ firewalls. The company urges users to patch immediately. Source: Cybersecurity Dive

XSS Vulnerability Discovered in Essential Addons for Elementor A Cross-Site Scripting XSS vulnerability CVE-2025-24752 has been found in the Essential Addons for Elementor plugin. WPDeveloper has released an update to resolve the issue. Source: Infosecurity Magazine

?? Top Podcasts This Week

The Privacy, Security, & OSINT Show Host Michael Bazzell explores the increasing prevalence of ransomware-as-a-service and the ongoing DeepSeek controversy. Source: The Privacy, Security, & OSINT Show

Darknet Diaries Jack Rhysider delves into the rise of ransomware-as-a-service and how hacked games are being used to spread malware. Source: Darknet Diaries

The CyberWire Dave Bittner discusses cybersecurity trends, including the surge in ransomware attacks and malicious software hidden in online games. Source: The CyberWire

Smashing Security Graham Cluley and Carole Theriault analyze major cybersecurity headlines, including new ransomware tactics and online fraud schemes. Source: Smashing Security

APDR Podcast Episode 82 – Asia Pacific Defence Reporter Host Kym Bergmann discusses major events impacting cybersecurity in the Asia Pacific region, including the US’s handling of security threats. Source: Asia Pacific Defence Reporter

That’s it for this week! Stay ahead of cyber threats—patch early, patch often!

?? Need expert security insights? Book a consultation with ONSEC today.

?? Follow us for real-time cybersecurity updates!