InfoSecBulletin Cybersecurity for mankind
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world.
Spend a bit time to read out todays update:
Micropatches released for Windows zero-day leaking NTLM hashes
By infosecbulletin
/ Wednesday , March 26 2025
Unofficial patches are available for a new Windows zero-day vulnerability that allows remote attackers to steal NTLM credentials by deceiving...
Read More
VMware Patches Authentication Bypass Flaw in Windows Tool
By infosecbulletin
/ Wednesday , March 26 2025
On Tuesday, VMware issued an urgent fix for a security flaw in its VMware Tools for Windows. CVE-2025-22230 allows a...
Read More
IngressNightmare
Over 40% of cloud environments are vulnerable to RCE
By infosecbulletin
/ Tuesday , March 25 2025
Kubernetes users of the Ingress NGINX Controller are advised to fix four newly found remote code execution ( RCE) vulnerabilities,...
Read More
(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass
By infosecbulletin
/ Tuesday , March 25 2025
Next.js, a widely used React framework for building full-stack web applications, has fixed a serious security vulnerability. Used by many...
Read More
Oracle refutes breach after hacker claims 6 million data theft
By infosecbulletin
/ Sunday , March 23 2025
A hacker known as “rose87168” claims to have stolen six million records from Oracle Cloud servers. The stolen data includes...
Read More
Russian zero-day seller to offer up to $4 million for Telegram exploits
By infosecbulletin
/ Saturday , March 22 2025
Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits. They seek $500K for one-click...
Read More
Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack
By infosecbulletin
/ Friday , March 21 2025
Threat actors are exploiting a component of CheckPoint's ZoneAlarm antivirus to bypass Windows security measures. Nima Bagheri, a security researcher...
Read More
IBM and Veeam Release Patches in AIX System and Backup
By infosecbulletin
/ Friday , March 21 2025
IBM has resolved two critical vulnerabilities in its AIX operating system that could allow command execution. The list of shortcomings,...
Read More
WhatsApp patched zero-click flaw exploited in spyware attacks
By infosecbulletin
/ Wednesday , March 19 2025
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon's Graphite spyware following reports from security researchers at the...
Read More
CVE-2025-24472
CISA Warns of Fortinet FortiOS Auth Bypass Vuln Exploited in Wild
By infosecbulletin
/ Wednesday , March 19 2025
CISA has issued a critical alert about a critical vulnerability in Fortinet’s FortiOS and FortiProxy systems. CVE-2025-24472, an authentication bypass...
Read More
UK supermarket supply chains hit by cyber attack on Blue Yonder (Source: The Loadstar)
RansomHub gang says it broke into networks of Texas city, Minneapolis agency (Source: The Record)
England and Wales prison layouts reportedly leaked on dark web (Source: BBC)
Major cybercrime operation across 19 African countries nets 1,006 suspects (Source: INTERPOL)
