WhatsApp, the world’s largest messaging platform, has announced a major leap in privacy-preserving artificial intelligence (AI) with the introduction of its new “Private Processing” system. This technology enables users to access advanced AI features-such as message summarization and writing suggestions-while…
Category: Cyber Security News
Hackers Leveraging GetShared to Deploy Malware Bypassing Defenses
Cybercriminals have discovered a new attack vector utilizing the legitimate file-sharing service GetShared to distribute malware and conduct phishing campaigns. This emerging threat allows attackers to circumvent traditional email security measures by exploiting the trusted status of notifications from recognized…
Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties
Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), revealing a disturbing trend in the cybersecurity landscape: third-party involvement in data breaches has doubled to 30% over the past year, creating unprecedented challenges for organizations worldwide. This significant…
Avast Antivirus Vulnerability Let Attackers Escalate Privileges
Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access. The vulnerability, tracked as CVE-2025-3500, received a high CVSS score of 8.8 and…
Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code – PoC Released
Security researcher Nafiez has publicly disclosed a previously unknown vulnerability affecting Windows LNK files (shortcuts) that can potentially allow attackers to execute code remotely without user interaction. Despite releasing a working proof-of-concept (PoC), Microsoft has declined to patch the flaw,…
GitAuto Strengthens Code Security By Automating QA At Scale
In the current software landscape, security breaches caused by untested or poorly tested code are both common and costly. While automated testing is often cited as a best practice, it remains inconsistently applied due to the manual overhead required. GitAuto,…
Chrome 136 Released With Patch For 20-Year-Old Privacy Vulnerability
The Chrome team has officially promoted Chrome 136 to the stable channel for Windows, Mac, and Linux, marking a significant update for users across platforms. The rollout, which will occur over the coming days and weeks, brings a host of…
Zero Trust Architecture – A CISO’s Blueprint for Modern Security
Zero-trust architecture has become essential for securing operations in today’s hyper-connected world, where corporate network boundaries have vanished and employees, cloud services, and data span multiple environments. This new reality has rendered traditional perimeter-based security models ineffective, exposing organizations to…
Top Cybersecurity Trends Every CISO Must Watch in 2025
In 2025, cybersecurity trends for CISOs will reflect a landscape that is more dynamic and challenging than ever before. The rapid pace of technological change, the proliferation of connected devices, and the growing sophistication of cyber threats are pushing organizations…
Cybersecurity in Mergers and Acquisitions – CISO Focus
Cybersecurity in mergers and acquisitions is crucial, as M&A activities represent key inflection points for organizations, offering growth opportunities while introducing significant security challenges. In today’s threat landscape, cybersecurity has become a decisive factor in M&A success, with studies showing…
NVIDIA Riva Vulnerabilities Exposes Enable Authorized Access to Cloud Environments
A critical security flaw in NVIDIA’s Riva framework, an AI-powered speech and translation service, has left cloud environments vulnerable to unauthorized access and exploitation. Trend Micro researchers uncovered two vulnerabilities-CVE-2025-23242 and CVE-2025-23243-stemming from misconfigured deployments that expose Riva’s gRPC and…
How Healthcare Providers Investigate And Prevent Cyber Attacks: Real-world Examples
According to IBM Security annual research, “Cost of a Data Breach Report 2024”, an average cost of a data breach in healthcare in 2024 was $9.77 million, the highest among all industries due to sensitive patient data and regulatory penalties. …
AirPlay Zero-Click RCE Vulnerability Enables Remote Device Takeover via Wi-Fi
A critical vulnerability in Apple’s AirPlay protocol, dubbed AirBorne, has exposed over 2.35 billion active Apple devices and tens of millions of third-party gadgets to remote code execution (RCE) attacks requiring no user interaction. Researchers at Oligo Security discovered that…
CISA Adds Broadcom Brocade Fabric OS Vulnerability to Known Exploited Vulnerabilities Catalog
CISA officially added a significant security flaw affecting Broadcom’s Brocade Fabric OS to its authoritative Known Exploited Vulnerabilities (KEV) Catalog, underscoring the urgent need for remediation across enterprise and government environments. The vulnerability, tracked as CVE-2025-1976, is classified as a…
OpenBSD 7.7 Released with Significant Performance & Security Enhancements
OpenBSD 7.7, the 58th release of the security-focused operating system, was officially launched on April 28, 2025. This release substantially improves multiple areas, including performance optimization, hardware support, and security enhancements. The new version features notable performance improvements, particularly on…
Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild
Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the global cybersecurity landscape. While this figure decreases from the 98 zero-days observed…
Europol Creates Operational Taskforce to Tackle Violence-as-a-Service
In response to the concerning rise of “violence-as-a-service” (VaaS) and the exploitation of youth by organized crime, Europol has announced the formation of a new Operational Task Force (OTF), codenamed GRIMM. This multinational initiative, led by Sweden, brings together law…
Google Chrome Vulnerability Let Attackers Escape Payload from Sandbox – Technical Details Disclosed
A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to break out of the browser’s protective sandbox environment, potentially giving attackers access to the underlying operating system. The flaw, identified as CVE-2025-2783, affects Chrome versions…
Hackers Actively Attacking Git Configuration Files From 4,800+ IP’s
A notable increase in malicious scanning for exposed Git configuration files has been observed, posing significant risks of codebase theft and credential exposure for organizations around the globe. Security researchers at GreyNoise Intelligence have documented a record spike in Git…
20.5 Million DDoS Attacks, With One Exceeding 4.8 Billion Packets
With a record-breaking 20.5 million Distributed Denial of Service (DDoS) attacks prevented in the first quarter alone, a 358% rise over the same period last year, Cloudflare has reported a historic spike in cyberattacks to start 2025. This explosive growth nearly equals…