InfoSecBulletin Cybersecurity for mankind
A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative access, they could obtain sensitive authentication information, including SMTP and LDAP connections. Affected Products: imageRUNNER ADVANCE Series imageRUNNER Series imagePRESS V Series imagePRESS Series imageCLASS Series i-sensys Series Satera Series …
Read More »TimeLine Layout
May, 2025
-
23 May
184 Million Leaked Credentials Discovered in Open Database
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak ones, and enable multi-factor authentication. Although the database is not new, it shows the ongoing circulation of leaked data from major platforms like Apple, Google, Microsoft, Amazon, Facebook, Instagram, and …
Read More » -
21 May
Palo Alto Networks Warns of XSS Flaw: PoC Released
Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its PAN-OS software. The flaw allows malicious JavaScript to run in the browsers of authenticated Captive Portal users when they click specific links. Organizations using the Clientless VPN feature face a …
Read More » -
21 May
Pwn2Own Berlin reveals 29 critical vulns in major tech firms
Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies. The event highlighted the increasing complexity of attack methods and the need for vendors to strengthen their defenses. Pwn2Own Berlin 2025, hosted by Trend Micro’s Zero Day Initiative (ZDI) over …
Read More » -
21 May
High-Severity Flaw Hits Atlassian Jira Data Center
A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by enabling privilege escalation attacks, allowing attackers to gain elevated system privileges. This serious flaw has a CVSS score of 7.2, posing a significant risk to businesses using Atlassian’s project and …
Read More » -
20 May
All major mobile networks go down across Spain
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services in several regions had to issue new phone numbers after Telefonica’s network upgrades caused phone lines to fail. Reports in Spanish media state that landline telephones were the most impacted, …
Read More » -
19 May
Researchers found 200 billion files exposed in cloud buckets
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company focused on dark web monitoring and threat intelligence, reports its vulnerability search tool has found over 660,000 exposed buckets and 200 billion leaking files from seven major cloud providers. Filtering …
Read More » -
18 May
Bank server compromised using customer’s mobile, steal ₹11 crore
Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank’s server using a customer’s mobile phone. According to reports, the fraudsters hacked a customer’s mobile banking app at the bank’s Halti branch in Chamba district and withdrew Rs 11.55 crores, which was later transferred to 20 different bank accounts. The State …
Read More » -
18 May
“InfoSecCon-2025″ held successfully promising cyber resilience
“InfoSecCon-2025” was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025. The conference was fueled with 3 keynotes, 2 panel discussions and Q&A sessions makes the conference more dynamics. On the keynote on “Blockchain Technology: Enhancing Security in the Financial Sector” …
Read More » -
17 May
Intel PC, laptop and server processors affected for 6 years: Report
A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data from the cache and RAM of other users on the same hardware. Recent research by computer scientists from the Computer Security Group (COMSEC) at the Department of Information Technology and …
Read More »