Daily CyberSecurity •

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks CVE-2025-31324, SAP NetWeaver

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

Ddos April 25, 2025

A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively...

OpenAI Increases ChatGPT Plus Quotas, Doubling Limits for o3 and o4-mini Models o3-mini GPT-5 GPT-4 retirement, GPT-4o ChatGPT quota, OpenAI update

OpenAI Increases ChatGPT Plus Quotas, Doubling Limits for o3 and o4-mini Models

Ddos April 25, 2025

ChatGPT enforces stringent usage quotas to conserve operational costs and prevent misuse. Even paid subscribers are subject...

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw inetpub vulnerability, Windows Update

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Ddos April 25, 2025

Previously, in an effort to patch security vulnerability (CVE-2025–21204) within the Windows operating system, Microsoft began creating...

Perplexity Eyes Chrome as DOJ Pressures Google Over Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Perplexity Eyes Chrome as DOJ Pressures Google Over Antitrust

Ddos April 25, 2025

In addition to OpenAI expressing interest in acquiring Google’s Chrome browser business, Perplexity.ai has also signaled its...

EU Fines Apple and Meta €700 Million for Digital Markets Act Violations European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

EU Fines Apple and Meta €700 Million for Digital Markets Act Violations

Ddos April 25, 2025

Previously, due to the Trump administration’s new tariff policies, the European Commission postponed sanctions against Apple and...

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns North Korea, Russian infrastructure

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns

Ddos April 25, 2025

A revealing new report from Trend Micro uncovers how Russian IP infrastructure is playing a pivotal role...

CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases CVE-2024-27876, Apple Archive Gatekeeper bypass

CVE-2024-27876, Apple Archive Gatekeeper bypass

CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases

Ddos April 25, 2025

A newly disclosed vulnerability in Apple’s proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary...

Power Parasites: Scam Campaign Targets Global Energy Brands Power Parasites, phishing

Power Parasites: Scam Campaign Targets Global Energy Brands

Ddos April 25, 2025

A sprawling phishing and scam operation, dubbed “Power Parasites” by the threat analysts at Silent Push, is...

WooCommerce Phishing Attack: Fake Vulnerability Exploits Store Owners

Ddos April 25, 2025

A new phishing campaign is targeting WooCommerce users with fake security vulnerability alerts, attempting to trick them...

Lumma Stealer: Advanced Obfuscation and Evasion Techniques Analysis

Ddos April 25, 2025

Lumma Stealer, a prevalent threat since its emergence in 2022, continues to evolve its tactics to evade...

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics Kimsuky Group PebbleDash Malware

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics

Ddos April 25, 2025

A recent report by the AhnLab Security intelligence Center (ASEC) has uncovered the latest tactics employed by...

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware ToyMaker Initial Access Broker Ransomware

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware

Ddos April 25, 2025

Cisco Talos’ 2023 incident response report unveils the operations of “ToyMaker,” a financially motivated Initial Access Broker...

CISA Clarifies CVE Program’s Stability Amid Funding Concerns

Ddos April 24, 2025

In response to recent media reports suggesting instability in the Common Vulnerabilities and Exposures (CVE) Program, the...

Redis Vulnerability Exposes Servers to Denial-of-Service Attacks Redis vulnerability, CVE-2025-21605

Redis Vulnerability Exposes Servers to Denial-of-Service Attacks

Ddos April 24, 2025

A high-severity vulnerability has been discovered in Redis, the popular open-source in-memory data structure store, which could...

GitLab Releases Security Update to Patch XSS and Account Takeover Flaws GitLab security, GitLab vulnerability

GitLab Releases Security Update to Patch XSS and Account Takeover Flaws

Ddos April 24, 2025

GitLab has issued a security advisory urging users to upgrade their self-managed GitLab installations immediately. The advisory...

LATEST NEWS

Tech News

Vulnerability

Cyber Security

Malware Alert

Data Leak