InfoSecBulletin Cybersecurity for mankind
Banglalink, the country’s leading digital operator, has launched bCloud, its very own cloud service brand aimed at delivering world-class cloud solutions to its valued enterprise business clientele. The launch is in partnership with Pico Public Cloud, an affiliated company of Fiber@Home, the nation’s largest transmission network provider. The launching ceremony …
Read More »TimeLine Layout
April, 2025
-
30 April
Researcher Found Multiple Vulnerabilities In Apple’s AirPlay Protocol
Security vulnerabilities in Apple’s AirPlay Protocol and SDK put both third-party and Apple devices at risk of various attacks, including remote code execution. Oligo Security researchers found flaws that can be exploited in zero-click and one-click remote code execution (RCE) attacks, man-in-the-middle (MITM) attacks, denial of service (DoS) attacks, and …
Read More » -
29 April
Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files
A recent increase in cyber reconnaissance has endangered thousands of organizations, as GreyNoise, a global threat intelligence platform, reported a significant rise in attempts to access sensitive Git configuration files. On April 20 and 21, GreyNoise recorded over 4,800 unique IPs targeting these files, marking a record high and indicating …
Read More » -
29 April
CISA Adds Actively Exploited Broadcom Flaws to KEV Database
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two high-severity security flaws affecting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog on Monday due to evidence of active exploitation. The vulnerabilities in question are listed below: CVE-2025-1976 (CVSS score: 8.6): A code …
Read More » -
29 April
Google reports 97 zero-days exploited in 2024, 50% in spyware attacks
Google’s Threat Intelligence Group (GTIG) reported that in the year 2024, attackers exploited 75 zero-day vulnerabilities, with over 50% related to spyware attacks. The number of zero-day vulnerabilities is down from 97 in 2023 but up from 63 in 2022. GTIG analysts note that this year-to-year fluctuation reflects an overall …
Read More » -
29 April
Palo Alto Networks to Acquire AI Security Firm “Protect AI”
On Monday, Palo Alto Networks confirmed it is acquiring the US-based AI security company Protect AI. Protect AI has created a platform for organizations to secure AI models, perform AI red teaming, and ensure AI runtime security. Palo Alto Networks announced that acquiring Protect AI will enhance its ability to …
Read More » -
28 April
CISA Releases Seven ICS Advisories
On April 24, 2025, CISA published seven advisories addressing security issues, vulnerabilities, and exploits related to Industrial Control Systems (ICS). ICSA-25-114-01 Schneider Electric Modicon Controllers ICSA-25-114-02 ALBEDO Telecom Net.Time – PTP/NTP Clock ICSA-25-114-03 Vestel AC Charger ICSA-25-114-04 Nice Linear eMerge E3 ICSA-25-114-05 Johnson Controls Software House iSTAR Configuration Utility (ICU) …
Read More » -
28 April
India Launches First Quantum Computing Village in Amaravati
India has taken a monumental stride toward next-generation technology by initiating its first Quantum Computing Village, a state-of-the-art project in Amaravati, Andhra Pradesh, spearheaded by the Real-Time Governance Society (RTGS). Supported by major companies like IBM, TCS, and L&T, the initiative seeks to develop a top-tier ecosystem for quantum hardware …
Read More » -
28 April
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks
Shadow servers found 454 vulnerable SAP NetWeaver systems at risk from a critical zero-day exploit currently being used in attacks. CVE-2025-31324 is a vulnerability that lets unauthenticated attackers upload malicious files to affected systems, risking full system compromise. A severe flaw with a CVSS score of 10.0 affects the Metadata …
Read More » -
28 April
30 Teams Qualify for Online Preliminary Round At UAP CTF Contest
Blind_Virus, DU_Featherless_Bipeds and Hidden investigations team secure the 1st , 2nd and 3rd positions accordingly for online preliminary round at CTF contest of UAP Cyber SIEGE-2025. After an intense and thrilling online preliminary round held from 26 April, 4:00 PM to 27 April, 3:30 AM, 𝟑𝟎 outstanding teams have secured …
Read More »
