Tuesday , April 1 2025

infosecbulletin

Update Alert!
Google Warns of Critical Android Vulns Under Attack

Android

Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect Android versions 12 to 15, posing increasing risks for billions of devices. The bulletin requires the immediate installation of the 2025-03-05 security patch to address remote code execution and privilege …

Read More »

CISA adds Cisco and Windows vulns as actively exploited

Windows

CISA has advised US federal agencies to secure their systems against attacks targeting vulnerabilities in Cisco and Windows. Although these flaws are being actively exploited, CISA has not shared specific details about the attacks or the perpetrators. CVE-2023-20118 allows attackers to execute arbitrary commands on RV016, RV042, RV042G, RV082, RV320, …

Read More »

10 New Vulnerabilities Discovered in MediaTek Chipsets

MediaTek

MediaTek has released its March 2025 Product Security Bulletin, which highlights new security vulnerabilities affecting various chipsets in smartphones, tablets, AIoT devices, smart displays, OTT hardware, computer vision platforms, audio systems, and smart TVs. The bulletin reports 10 vulnerabilities, three of which are high severity. The high-severity ones could enable …

Read More »

Qualcomm’s March 2025 Security Bulletin Highlights Major Vulns

March 2025

Qualcomm’s March 2025 Security Bulletin addresses vulnerabilities in its products, including automotive systems, mobile chipsets, and networking devices. It includes fixes for critical issues like memory corruption and input validation flaws. Critical vulnerabilities have been identified in automotive systems, particularly affecting the QNX operating system (CVE-2024-53012, CVE-2024-53022, CVE-2024-53029, CVE-2024-53030, CVE-2024-53031, …

Read More »

Cyberattack detected at Polish space agency, minister says

Polish Space Agency

On Sunday, Poland Minister for Digitalisation Krzysztof Gawkowski said that Polish cybersecurity services found unauthorized access to the IT infrastructure of the Polish Space Agency (POLSA). “In connection with the incident, the systems under attack were secured … Intensive operational activities are also underway to identify who is behind the …

Read More »

Nearly 12,000 API Keys and Passwords Found in Public Datasets

Passwords

Security researchers found that datasets used by companies to develop large language models included API keys, passwords, and other sensitive credentials. Large language models are dominating the online landscape, with companies promoting AI solutions that claim to solve all problems. For an AI to be effective, it needs extensive training …

Read More »

DragonForce Ransomware Targets Saudi Company, 6TB Data Stolen

DragonForce ransomware targets organizations in Saudi Arabia. An attack on a major Riyadh real estate and construction firm led to the theft of more than 6TB of sensitive data. Resecurity’s new advisory reports that threat actors announced a breach on February 14, 2025, demanding ransom before releasing stolen information. The …

Read More »

Microsoft Uncovers Hackers Selling Illegal Azure AI Access

Azure

Microsoft has filed an amended complaint in recent civil litigation, naming the main developers of malicious tools that bypass the safeguards of generative AI services, including its Azure OpenAI Service. The legal action aims to stop their actions, dismantle their illegal operation, and deter others from misusing AI technology. The …

Read More »

By 2025, India’s First Semiconductor Chip to be ready

semiconductor

At the Global Investors Summit 2025, Union Minister Ashwini Vaishnaw announced that India’s first indigenous semiconductor chip will be ready for production by 2025, showcasing the significant growth of Madhya Pradesh’s electronics manufacturing sector. Minister Vaishnaw congratulated the HLBS family on their new plant’s inauguration, which coincided with Mahashivratri. He …

Read More »