11 nation-state groups from North Korea, China, and Russia are exploiting a vulnerability in a common feature of Microsoft Windows. Researchers at the Zero Day Initiative (ZDI) have found several campaigns exploiting the bug in Windows shortcut (.lnk) files, dating back to 2017. Microsoft hasn’t assigned a CVE number, but …
Hackers Exploit ChatGPT with CVE-2024-27564
Attackers are actively targeting OpenAI, exploiting CVE-2024-27564, a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. Veriti’s latest research reveals that this vulnerability, despite being classified as medium severity, has already been weaponized in real-world attacks. Research uncovers: Active exploitation in the wild, with over 10,479 attack attempts …
AWS SNS misused for Data Exfiltration and Phishing
A recent report from Elastic reveals that threat actors misuse Amazon Web Services (AWS) Simple Notification Service (SNS) for malicious activities like data exfiltration and phishing. The research highlights potential abuse methods and ways to detect them. AWS SNS is a web service that enables users to send and receive …
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
Forescout Research - Vedere Labs identified a series of intrusions based on two Fortinet vulnerabilities, which began with the exploitation of FortiGate firewall appliances, dubbed SuperBlack. Researchers tracked this between late January and early March. Fortinet disclosed two authentication bypass vulnerabilities: CVE-2024-55591 in January and CVE-2025-24472 in February. When Fortinet first …
400+ IPs Exploiting Multiple SSRF Vulnerabilities
GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. Countries …
Ransomware Attacks Set Records in February: New Data Shows
Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked the number of victims listed by ransomware groups on their Tor-based data leak sites (DLS), which are used to shame victims and threaten data release unless ransoms are paid. Although …
Cyber attack at Japanese telecom leader NTT hits 18,000 companies
NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information may have been leaked. An internal investigation revealed that some corporate customer service information from Order Information Distribution System may have been leaked. However, individual customer service information was not …
Cyber heist: Pune loses Rs 6007 crore in cyber scam
India’s Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session. The city suffered losses of Rs6,007 crore across 1,504 cybercrime cases. Cyber fraud in Pune was almost five times greater than the total losses in Mumbai, Thane, and Nagpur, which …
Nearly 1 million airport lost and found records leaked
Cybersecurity researcher Jeremiah Fowler found that over a dozen unprotected databases from the German firm Lost and Found Software exposed 820,750 sensitive personal records about lost airport items and their owners in the U.S., Canada, and Europe. Misconfigured databases, now secured, previously exposed sensitive information such as images of lost …
Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike
Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the CVE-2024-4577 vulnerability in PHP on Windows to access victims’ machines. They used the “TaoWu” plugins from the Cobalt Strike kit for further actions. A pre-configured installer script was discovered on …