Alert

Cisco has issued security updates to fix a critical vulnerability in the Unified Contact Center Express (UCCX) software that could allow attackers to gain root access. The Cisco UCCX platform, described by the company as a “contact center in a box,” is a software solution for managing customer interactions in …

Tenable researchers found 7 new vulnerabilities in OpenAI’s ChatGPT, putting users at risk of data theft and safety breaches through new attacks on AI systems dubbed HackedGPT. Flaws known as HackedGPT were found during testing of OpenAI’s ChatGPT-4o and some persist in ChatGPT-5. OpenAI has fixed some issues, but others …

BIND9 DNA Cache poisoning impact 267 IPs in Bangladesh via CVE: 2025-40778. The high severity flaw can allow remote attackers to inject forged DNS records into resolver caches. BGD e-GOV CIRT published an advisory stating all organizations operating BIND 9 resolvers in Bangladesh (ISPs, data centers, government, enterprises) must upgrade …

In recent time, Hacker exploited Windows, VMware and Linux flaw. On another side, Australia warn about of BadCandy infections on unpatched Cisco devices. VMware:  CISA added a serious security flaw affecting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities list after reports of ongoing exploitation. The …

The government and Bangladesh Telecommunication Regulatory Commission (BTRC) have received credible information that some companies of Bangladesh Internet Service Providing (ISP) sector are trying to destroy the networks and businesses of rival ISPs through DDoS (Distributed Denial of Service) attacks organized from abroad according to Faiz Ahmad Taiyeb adviser (Ministry …

On October 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released updated guidance for organizations to detect and mitigate threats related to the CVE-2025-59287 vulnerability in Microsoft’s Windows Server Update Services (WSUS). CISA strongly urges organizations to implement Microsoft’s updated Windows Server Update Service (WSUS) Remote Code Execution Vulnerability …

Trellix Advanced Research Center (ARC) found a campaign targeting a European embassy in New Delhi, India. Further investigation uncovered multiple targeted institutions across Sri Lanka, Pakistan, and Bangladesh. This report analyzes the tactics used by SideWinder, an APT group known for espionage in Asia. The investigation shows that SideWinder has …

Thousands of Americans’ personal job-seeking details were publicly exposed because of an unsecured database linked to the House Democrats’ Official Online Resume Bank, DomeWatch.us. The security lapse was brought to light by the research firm Safety Detectives, after an anonymous cybersecurity researcher reported to them about an “unencrypted and non-password-protected …

A report reveals that over 3,000 malicious YouTube videos were used to spread infostealer malware. Check Point Research has named a major malware operation the “YouTube Ghost Network.” It uses fake YouTube accounts to spread infostealer malware like Rhadamanthys and Lumma. Game hacks and cheats and software cracks and piracy …

Bangladesh cyber security watchdog BGD e-GOV CIRT published an advisory (27.10.2025) regarding critical romote code execution vulnarability in Microsoft WSUS CVSS score 9.8 as per NVD, NIST. CIRT has detected a serious security flaw in Microsoft’s WSUS that could let an attacker fully control a WSUS server. This vulnerability not …