Editor’s Note: Governments offline, iPhones under attack, and car doors wide open—it’s like hackers are speedrunning the 2025 bingo card.
📌 Big News – Nevada state hit with major cyberattack; Apple patches another zero-day
🚨 Can’t Miss – Citrix & Git flaws exploited, DaVita data disaster, Farmers breach, telecom outages, and more
🤖 AI in Cyber – Prompt-injected images, poisoned docs, and a CEO voice clone that drained $500K
🧪 Strange Cyber – One bug let hackers unlock cars anywhere
Intro: Nevada wasn’t ready for Vegas to go dark, but hackers had other plans.
What Happened: A “wide-ranging network security incident” forced the state of Nevada to take down websites, phone lines, and internal systems across multiple agencies. Even DMV services went dark. The state declared an emergency and called in CISA and the FBI to help contain the threat.
Why It’s Important: State governments remain prime targets with limited resources. Taking down phones and websites at scale disrupts everything from business licensing to citizen services—and exposes how brittle civic cyber really is.
The Other Side: Officials aren’t confirming ransomware, but the playbook (wide outage, phones down, CISA called) reads like it. No ransom note has surfaced—yet.
The Takeaway: If hackers can knock a U.S. state offline, local governments everywhere should be on high alert.
TL;DR: Nevada shut down government websites and phones after a major cyberattack—services are crawling back online with federal help.
The first U.S. state to activate a National Guard cyber unit during a major outage was Vermont in 2019. Six years later, it’s become almost routine.
Intro: It’s Tuesday—must be another Apple zero-day.
What Happened: Apple released emergency fixes for iOS, iPadOS, and macOS after researchers spotted active exploitation of a flaw in ImageIO. Malicious images could trigger remote code execution on unpatched devices. The bug, CVE-2025-43300, was reported by Citizen Lab and Google TAG after being abused in the wild.
Why It’s Important: iPhones and Macs are high-value targets. A single click on a weaponized image could compromise journalists, activists, or executives. Attackers aren’t waiting for Patch Tuesday—they’re already in your camera roll.
The Other Side: Apple credited rapid patch turnaround, but critics note this is the seventh zero-day patched this year. Clearly, attackers are digging faster than Cupertino can fill holes.
The Takeaway: Update now. No excuses. If your device hasn’t rebooted, assume it’s still vulnerable.
TL;DR: Apple rushed patches for CVE-2025-43300, a zero-day exploited via malicious images. Get the update, or get pwned.
🛠 CISA Adds Citrix & Git Flaws to KEV Catalog
Actively exploited vulnerabilities in Citrix and Git now have federal patch deadlines.
Takeaway: If CISA says patch now, assume attackers already have the exploit kits.
🏥 DaVita Breach Impacts 2.7M Patients
The ransomware fallout keeps growing—millions of patient records exposed in one of healthcare’s largest breaches this year.
Takeaway: Ransomware loves healthcare because downtime is leverage.
📑 Data I/O Files SEC 8-K After Ransomware
The electronics manufacturer confirmed disruption in filings to the SEC.
Takeaway: When ransomware makes you tell Wall Street, you know it’s serious.
🛡 Farmers Insurance Breach Hits 1M Customers
Names, contact details, and policy data exposed in a consumer-scale breach.
Takeaway: If your insurer can’t protect your data, how confident are you they’ll pay your claim?
🖼️ Image-Based Prompt Injection Tricks AI Agents
Researchers embedded hidden instructions inside images that hijack AI systems into leaking data or running commands.
Takeaway: Even your cat pictures might be carrying a payload.
📑 Wired: Poisoned Docs Can Exfil “Secret” AI Data
One poisoned document can make an AI agent hand over sensitive context data.
Takeaway: If your AI assistant reads it, attackers can own it.
🛒 AI Browsers Can Autofill Credit Cards on Fake Sites
Testing showed the Comet AI browser autofilled payment details in response to malicious prompts.
Takeaway: “Convenience” is just a euphemism for “please take my money.”
🎙️ Deepfake CEO Voice Swindles $500K
Attackers cloned an executive’s voice to trick a vendor into wiring funds.
Takeaway: If the CEO calls for urgent money, hang up and call them back.
Intro: Forget crowbars—hackers had the keys all along.
What Happened: A vulnerability in a carmaker’s dealer portal allowed an independent researcher to remotely unlock cars, start engines, and access owner data across the globe. All it took was one flaw in web authentication.
Why It’s Important: This isn’t just theoretical—connected car platforms are becoming the new attack surface. A single portal bug can translate into thousands of exposed vehicles.
The Other Side: The automaker patched quickly after disclosure, but the fact it existed at all shows how rushed digital features can undermine physical security.
The Takeaway: Your car’s weakest point might not be the lock—it’s the login.
TL;DR: A researcher exploited a dealer portal bug to remotely unlock cars anywhere. The fix is in, but the risk isn’t going away.