50/68 Wednesday, February 5, 2025 Google has released the February 2025 Android security update, addressing 48 vulnerabilities, including the actively exploited Zero-Day CVE-2024-53104. This vulnerability is a privilege escalation flaw in the Kernel’s USB Video Class (UVC) driver, allowing attackers to gain elevated system privileges. The issue stems from improper handling of UVC_VS_UNDEFINED frames, potentially […]
49/68 Wednesday, February 5, 2025 Microsoft has announced that it will discontinue the VPN privacy protection feature in the Microsoft Defender app by February 28, 2025. The company cited low usage as the primary reason and stated that it aims to reallocate resources toward developing features that better align with customer needs. The VPN feature […]
48/68 Tuesday, February 4, 2025 U.S. and Dutch authorities have seized 39 domains and servers associated with the HeartSender cybercrime group, which operates out of Pakistan. The group, also known as Saim Raza and Manipulators Team, has been selling phishing tools and malware to cybercriminals since 2020, causing over $3 million in damages in the […]
47/68 Tuesday, February 4, 2025 Social engineering is a tactic that exploits human psychological weaknesses to gain access to sensitive information or systems, often without requiring sophisticated technical skills. Instead, it manipulates emotions such as trust, fear, or respect for authority. The rise of artificial intelligence (AI) has transformed the landscape of social engineering attacks, […]
46/68 Monday, February 3, 2025 Tata Technologies, a subsidiary of Tata Motors specializing in product engineering services for automotive, aerospace, and industrial equipment manufacturers, has confirmed that it was targeted by a ransomware attack. The incident affected parts of its IT infrastructure, prompting the company to take preventive measures, including temporarily suspending certain IT services. […]
45/68 Monday, February 3, 2025 Google has released its latest report revealing that Advanced Persistent Threat (APT) groups, or state-sponsored hacker groups from multiple countries, are experimenting with Gemini, Google’s AI assistant, to enhance their cyber operations. These groups are not using AI for direct attacks but rather as a tool to assist in code […]
44/68 Friday, January 31, 2025 A Critical Vulnerability has been discovered in the Cacti Framework, an open-source platform for network monitoring and fault management. This vulnerability, identified as CVE-2025-22604, could allow an authenticated attacker to perform Remote Code Execution (RCE) on affected servers. It has been assigned a CVSS score of 9.1 and originates from […]
43/68 Friday, January 31, 2025 Cybersecurity researchers have issued a warning about a critical zero-day vulnerability affecting Zyxel CPE Series devices, which are currently under heavy attack. The vulnerability, identified as CVE-2024-40891, is an unpatched command injection flaw that could allow attackers to execute arbitrary commands on affected devices. This could lead to system breaches, […]
42/68 Thursday, January 30, 2025 VMware has released a patch to fix CVE-2025-22217, a Blind SQL Injection vulnerability with a CVSS severity score of 8.6. This vulnerability allows attackers with network access to send specially crafted SQL queries to the system’s database without authentication. Avi Load Balancer, formerly known as Avi Vantage, is a Software-Defined […]
41/68 Thursday, January 30, 2025 Google has announced that it will discontinue the Chrome Sync feature for users running Google Chrome versions older than four years, starting in early 2025. This decision aims to encourage users to update their browsers to the latest version for improved security and performance. Chrome Sync is a feature that […]
