A newly discovered vulnerability in OpenAI’s ChatGPT-4o, dubbed “Time Bandit,” poses a serious threat to users. This vulnerability allows hackers to bypass the chatbot’s built-in security features and use it to generate malicious content, including instructions for creating malware, phishing…
In the world of cybersecurity, threats are evolving at an incredible pace. However, some attack methods stand out due to their widespread use and high effectiveness. In its 2024 report, ANY.RUN identified the most commonly used Tactics, Techniques, and Procedures (TTPs) by cybercriminals. In…
Recently, cybersecurity experts have discovered a sophisticated cyberattack that has infected more than 10,000 WordPress sites, distributing malware to users. Attackers exploit vulnerabilities in outdated versions of WordPress and its plugins. This means that if WordPress or its plugins are…
A new and serious threat has emerged in the cybersecurity landscape – a ransomware group called Hellcat. This group leverages the Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. Hellcat was first identified in mid-2024 and operates through…
As cybersecurity threats become increasingly complex, network devices from various companies are becoming prime targets for hackers. According to recent reports, a new zero-day vulnerability has been discovered in Zyxel CPE series devices. This vulnerability, registered as CVE-2024-40891, is currently…
This vulnerability allows attackers with specific capabilities to execute specially crafted SQL queries and gain unauthorized access to the database. It has been classified as a “Critical” security issue with a CVSSv3 score of 8.6. The vulnerability arises due to…
The Akira ransomware group, which has been actively operating in the Ransomware-as-a-Service (RaaS) space since March 2023, recently introduced a new Linux variant targeting VMware ESXi servers. This development poses a significant cybersecurity threat. Initially focused on Windows systems, Akira…
GitLab has released important security updates for its Community Edition (CE) and Enterprise Edition (EE) versions, addressing several vulnerabilities, including a high-risk Cross-Site Scripting (XSS) vulnerability. The most critical vulnerability is a stored XSS vulnerability (CVE-2025-0314) caused by improper rendering…
A new vulnerability has been discovered in Microsoft Outlook, identified as CVE-2025-21298. This vulnerability resides in the Windows Object Linking and Embedding (OLE) system, specifically in the ole32.dll component. It is caused by a “double-free” error and enables remote code…
Recent reports indicate that over 379 Ivanti Connect Secure (ICS) devices have been compromised through a newly discovered vulnerability—CVE-2025-0282. This vulnerability enables cybercriminals to install hidden “backdoors” and gain persistent access to systems. Description of the CVE-2025-0282 VulnerabilityCVE-2025-0282 is a…