AMD has revealed four new vulnerabilities that could enable attackers to access sensitive data via timing-based side-channel attacks. These vulnerabilities, called AMD-SB-7029 or Transient Scheduler Attacks, impact various AMD processors, including EPYC chips for data centers and Ryzen processors for enterprises. The recent disclosure has ignited a debate over threat …
Read More »
Jack Dorsey, co-founder of Twitter and Block Head, launched a new peer-to-peer messaging app called Bitchat, which operates solely over Bluetooth. Bitchat uses Bluetooth Low Energy mesh networks to send encrypted messages to nearby devices without needing internet or cellular service. “Bitchat addresses the need for resilient, private communication that …
Read More »
ThreatFabric researchers have discovered a new sophisticated campaign by the Anatsa banking trojan targeting mobile banking users in the U.S. and Canada. This is the malware’s third major attack on North American financial institutions. The latest campaign marks a serious increase in threats, as cybercriminals have breached the official Google …
Read More »
A 30-year-old robotics engineer from Chennai set off alarm bells in 11 states by allegedly sending hoax bomb threats. She used fake email IDs with the name of her love interest — who did not love her back and recently married someone else — to frame him as revenge for …
Read More »
Aim Labs discovered a zero-click AI vulnerability named “EchoLeak” in Microsoft 365 Copilot and reported several ways to exploit it to Microsoft’s MSRC team. The new attack method called “LLM Scope Violation” has been identified, which could also impact other RAG-based chatbots and AI agents. This finding marks a significant …
Read More »
Microsoft’s June Patch Tuesday update has arrived, addressing 66 vulnerabilities across its product line. One of these flaws was actively being exploited, making this update crucial for both businesses and individual users. One Zero-Day Actively Exploited: The important fix addresses CVE-2025-33053, a vulnerability in Windows WebDAV that could let attackers …
Read More »
In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover. Initial samples mostly came from test campaigns, with a few live campaigns observed. Croco-bonus – Get Free Malware! Initial Crocodilus samples indicated operations in Europe, primarily focusing on Turkey. Recently, …
Read More »
Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require manufacturers of CCTV cameras to submit hardware, software and source code for assessment in government labs, official documents and company emails show. The security-testing policy has sparked industry warnings of …
Read More »
Recent security research has shown that attackers can weaken zero-trust security frameworks by exploiting a key DNS vulnerability, disrupting automated secret rotation. The research reveals a complex attack chain that starts with disrupting DNS servers and ends with unauthorized access to cloud services, exposing serious flaws in Non-Human Identity (NHI) …
Read More »
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services in several regions had to issue new phone numbers after Telefonica’s network upgrades caused phone lines to fail. Reports in Spanish media state that landline telephones were the most impacted, …
Read More »
InfoSecBulletin Cybersecurity for mankind