Cyber Security Headlines – August 21, 2025: Summary
Podcast: Cyber Security Headlines
Host: Hadas Kasorla, CISO Series
Episode Theme:
A roundup of daily information security news highlighting Apple’s urgent zero-day patch, fresh exploits against old vulnerabilities, emerging threats in AI, ransomware attacks, and new risks in enterprise tools—all presented in an engaging and concise format.
1. Apple Emergency Zero-Day Patch
[00:10–01:12]
- Main Point: Apple released emergency patches after discovering a new zero-day vulnerability already being exploited.
- Technical details:
  - The flaw is in Apple’s Image I/O framework, used for processing photos/graphics.
  - Attackers can send a malicious image, leading to memory corruption and potential remote code execution.
  - Devices affected: iPhone Xs/newer, multiple iPads, and Macs running Sequoia, Sonoma, or Ventura.
- Notable quote:
  - “A patch today keeps the zero day away.” — Hadas Kasorla [00:10]
2. Jailbreaking ChatGPT-5 Pro
[01:13–02:15]
- Main Point:
  - Adversa AI reports GPT-5 Pro is sometimes routed via older/weaker models (codenamed “Promiscuous”) to save costs.
- Security implication:
  - Prompts with certain words/structures get handled by less restrictive models, reviving classic jailbreak exploits.
  - As a result, queries for slurs, malware instructions, or illicit guides may bypass GPT-5 Pro’s safeguards.
- Notable insight:
  - “That means that output GPT5 Pro would normally refuse, like offensive slurs, malware instructions or guides for hacking or drug making could slip through again.” — Hadas Kasorla [01:55]
3. Russian APT Exploits 7-Year-Old Cisco Vulnerability
[02:16–03:10]
- Main Point:
  - Static Tundra, linked to Russian state hackers, is exploiting a seven-year-old Cisco Smart Install remote code execution flaw.
- Scope:
  - Targets: Telecom, higher education, manufacturing, with focus on Ukraine and its allies.
  - Actions: Stealing configs, altering settings, maintaining backdoors, deploying “SYNful Knock” implants.
- Key issue: Thousands of unpatched/end-of-life systems remain at risk, despite long-available patches.
- Quote:
  - “The thing about vulnerabilities is that they stay vulnerable.” — Hadas Kasorla [02:16]
4. Oregon “RapperBot” Botnet Indictment
[03:11–04:00]
- Main Point:
  - A 22-year-old from Oregon was charged with creating “RapperBot,” a vast botnet used for disruptive DDoS attacks.
- Details:
  - Pulled in 90,000 devices; peaked at 6 terabits of traffic.
  - Targets included tech companies and government agencies.
  - Facing up to 10 years in prison.
- Unique delivery:
  - The summary of this event is performed as an extended, rhythmic rap-style verse:
  - “I'm beginning to feel like a rapbot… The scope was vast, from tech firms to government. None held fast…” — Hadas Kasorla [03:17–03:54]
- Lesson:
  - “Unpatched devices leave doors open wide.” [03:56]
5. Ransomware Hits Pharma Research Firm
[04:37–05:25]
- Main Point:
  - Indiana firm Inotiv was hit by the Qilin ransomware group, resulting in encrypted systems and data theft (176 GB, 160,000+ files).
- Response:
  - Outside cyber experts hired; law enforcement alerted; company shifts to offline processes while restoring systems.
- Unknowns:
  - It’s not clear how long recovery will take or the eventual financial impact.
- Quote:
  - “Qilin ransomware group has claimed responsibility, saying it stole about 176 gigabytes of data...” [04:40]
6. Fake Podcast Invitations as Social Engineering
[05:26–06:01]
- Main Point:
  - Attackers are now targeting execs with convincing, branded fake podcast invites (often spoofing real hosts) that trick them during a “technical check.”
- Tactics:
  - Use of AI-generated voices/videos to pose as hosts.
  - Victims asked to install software, provide remote access, or send files—resulting in data theft or malware infections.
- Notable quote:
  - “Researchers note that this method leverages common business practices, since executives are accustomed to media requests and interview preparation.” [05:49]
7. Vulnerabilities in Wisconsin Municipal Accounting Software
[06:02–06:41]
- Main Point:
  - Researchers say Workhorse Software Services (used by 300+ WI municipalities) leaves SQL credentials in plaintext and allows unencrypted database backups from the login screen.
- Risks:
  - Attackers can steal sensitive personal/financial data, tamper with finances or disrupt operations.
- Quote (Sports reference):
  - “Much like this year’s Packers Defensive Line, researchers published findings of flaws...” [06:04]
8. New Password Manager Clickjacking Attack
[06:42–07:36]
- Main Point:
  - Marek Toth demonstrates a clickjacking attack that exploits browser extension password managers via invisible injected login fields.
- Details:
  - Affects 11 major managers, including 1Password, Bitwarden, LastPass.
  - Works if attacker controls a trusted subdomain.
  - No vendor fixes at time of recording.
- Quote:
  - “The trick only works if the attacker is on a domain or subdomain your password manager already trusts.” [07:17]
9. Memorable Moments & Tone
- Engaging language: The host uses playful and memorable turns of phrase (“I’m beginning to feel like a rapbot,” [03:17]), sports analogies, and rhyme.
- Key advice: “Stay Alert, Stay Patched, Stay Hydrated.” — Hadas Kasorla [08:28]
10. Notable Quotes (Chronological with Timestamps)
- “A patch today keeps the zero day away.” — Hadas Kasorla [00:10]
- “The thing about vulnerabilities is that they stay vulnerable.” — Hadas Kasorla [02:16]
- “Unpatched devices leave doors open wide.” — Hadas Kasorla [03:56]
- “Much like this year’s Packers Defensive Line, researchers published findings of flaws...” — Hadas Kasorla [06:04]
- “Stay Alert, Stay Patched, Stay Hydrated.” — Hadas Kasorla [08:28]
11. Important Timestamps
- [00:10] Apple zero-day patch details
- [01:13] ChatGPT-5 Pro jailbreaking
- [02:16] Cisco vulnerability exploited
- [03:11] RapperBot botnet
- [04:37] Pharma ransomware hit
- [05:26] Fake podcast social engineering
- [06:02] Wisconsin municipal software flaws
- [06:42] Password manager clickjacking
This episode delivers urgent cybersecurity headlines, actionable insights, and memorable calls to vigilance in a fast-paced, approachable style perfect for information security teams and anyone seeking to stay updated with the latest threats.
