Attackers linked to the Play ransomware operation deployed a zero-day privilege escalation exploit during an attempted attack against an organization in the U.S. The attack occurred prior to the disclosure and patching of a Windows elevation of privilege zero-day vulnerability (CVE-2025-29824) in the Common Log File System Driver (clfs.sys) on …
Read More »CVE-2025-29824
Palo Alto Networks to Acquire AI Security Firm “Protect AI”
On Monday, Palo Alto Networks confirmed it is acquiring the US-based AI security company Protect AI. Protect AI has created a platform for organizations to secure AI models, perform AI red teaming, and ensure AI runtime security. Palo Alto Networks announced that acquiring Protect AI will enhance its ability to …
Read More »India Launches First Quantum Computing Village in Amaravati
India has taken a monumental stride toward next-generation technology by initiating its first Quantum Computing Village, a state-of-the-art project in Amaravati, Andhra Pradesh, spearheaded by the Real-Time Governance Society (RTGS). Supported by major companies like IBM, TCS, and L&T, the initiative seeks to develop a top-tier ecosystem for quantum hardware …
Read More »Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Amazon has paused some data center lease negotiations for its cloud division, particularly in international markets, according to Wells Fargo analysts on Monday. “This is routine capacity management, and there haven’t been any recent fundamental changes in our expansion plans,” said Kevin Miller, vice president of Amazon Web Services (AWS) …
Read More »16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called “symlink”. This number has increased from the initial 14,000 and is expected to rise as investigations continue. The attack takes advantage of known vulnerabilities in Fortinet’s FortiGate devices. After gaining access, the threat …
Read More »PwC exits more than a dozen countries in push to avoid scandals: FT reports
PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or unprofitable, as it seeks to avoid a repeat of scandals that have plagued the accounting network. The Big Four accounting firm, which operates as a global network of locally owned …
Read More »Australian Cyber Security Centre Alert for Fortinet Products
The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public sectors about ongoing exploitation of known vulnerabilities following a new advisory highlighting the exploitation of previously known vulnerabilities in Fortinet products. Organizations are urged to take immediate action. Fortinet has detected that attackers are exploiting …
Read More »Top 10 Malware Threats of the Week: Reports ANY.RUN
Cybersecurity platform ANY.RUN recently reported the top 10 malware threats of the week, highlighting a surge in activity for information stealers Lumma and Snake. The findings shared in a detailed post on X highlight the changing nature of cyber threats and the need for proactive tracking to reduce risks. Lumma …
Read More »Within Minute, RamiGPT To Escalate Privilege Gaining Root Access
RamiGPT is an AI security tool that targets root accounts. Using PwnTools and OpwnAI, it quickly navigated privilege escalation scenarios on various VulnHub systems, achieving root access in under a minute. Configuration: Setting Up Your OpenAI API Key: To use RamiGPT, you need an OpenAI API key. Here’s how to …
Read More »WhatsApp patched zero-click flaw exploited in spyware attacks
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware following reports from security researchers at the University of Toronto’s Citizen Lab. The company addressed the attack vector late last year “without the need for a client-side fix” and decided not to assign a CVE-ID after “reviewing …
Read More »