InfoSecBulletin Cybersecurity for mankind
Microsoft has filed an amended complaint in recent civil litigation, naming the main developers of malicious tools that bypass the safeguards of generative AI services, including its Azure OpenAI Service. The legal action aims to stop their actions, dismantle their illegal operation, and deter others from misusing AI technology. The …
Read More »TimeLine Layout
March, 2025
February, 2025
-
28 February
By 2025, India’s First Semiconductor Chip to be ready
At the Global Investors Summit 2025, Union Minister Ashwini Vaishnaw announced that India’s first indigenous semiconductor chip will be ready for production by 2025, showcasing the significant growth of Madhya Pradesh’s electronics manufacturing sector. Minister Vaishnaw congratulated the HLBS family on their new plant’s inauguration, which coincided with Mahashivratri. He …
Read More » -
27 February
CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches
Cisco has warned of a critical vulnerability, CVE-2025-20111, in several Nexus switch models. This flaw could let attackers remotely crash the devices, leading to a denial of service (DoS). Cisco reports that a vulnerability exists due to improper handling of certain Ethernet frames. An attacker can exploit this by repeatedly …
Read More » -
27 February
CVE-2025-0475 & CVE-2025-0555
GitLab’s High-Risk Flaw, Patch Now Urgently!
GitLab has released a security advisory, urging all self-managed installations to upgrade to versions 17.9.1, 17.8.4, or 17.7.6 due to critical vulnerabilities, including serious Cross-Site Scripting (XSS) issues that may compromise user data. The Kubernetes proxy vulnerability (CVE-2025-0475) has a CVSS score of 8.7, signifying a high risk. It affects …
Read More » -
27 February
Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
A China-linked botnet is targeting Microsoft 365 accounts with widespread password spraying attacks, according to a report by SecurityScorecard. A security firm reports that a botnet with over 130,000 compromised devices is targeting Microsoft 365 accounts through non-interactive sign-ins using Basic Authentication. “Non-interactive sign-ins, commonly used for service-to-service authentication, legacy …
Read More » -
26 February
HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers
A breach notification site has added millions of new passwords and email addresses obtained from infostealer malware. Troy Hunt, founder of HaveIBeenPwned (HIBP), added 244 million new passwords and 284 million new email accounts to the database after analyzing 1.5TB of stolen logs posted on Telegram. Hunt identified an account called …
Read More » -
26 February
Hackers Exploits RCE flaw in Cisco Small Business Router
Cybersecurity researchers have discovered a campaign exploiting a remote command execution vulnerability, CVE-2023-20118, in Cisco Small Business Routers. This vulnerability affects models RV016, RV042, RV042G, RV082, RV320, and RV325. The flaw in these devices is their web-based management interface, which has poor input validation. This allows unauthorized attackers to run …
Read More » -
26 February
CISA Alerts For Active Exploited Zimbra and Microsoft flaw
CISA has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog, urging organizations to quickly patch their systems to prevent exploitation. New vulnerabilities, CVE-2023-34192 and CVE-2024-49035, affect popular platforms and pose serious risks to public and private sectors. CVE-2023-34192 is a high-severity Cross-Site Scripting (XSS) vulnerability in Zimbra Collaboration …
Read More » -
25 February
200 Fake GitHub Repos Attacking Developers to Deliver Malware
A new cyber campaign called GitVenom poses a serious risk to developers. Security researchers found over 200 fake GitHub repositories that disguise themselves as legitimate projects to distribute information stealers and remote access trojans (RATs). For almost two years, these repositories have exploited developers’ trust in open-source platforms to access …
Read More » -
25 February
Renew Dubai visa within minutes with AI-powered Salama
Residents of Dubai can now easily renew their visas with the new AI-powered digital platform launched by the General Directorate of Residency and Foreigners Affairs (GDRFA) of Dubai. AI powered “Salama” allows residents to renew their visas in minutes and download the updated documents directly, avoiding paperwork and long wait …
Read More »