Multiple ChatGPT Security Bugs Allow Rampant Data Theft
Attackers can use them to inject arbitrary prompts, exfiltrate personal user information, bypass safety mechanisms, and take other malicious actions.
-
-
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine. “This hidden…
-
WatchGuard Fireware OS IKEv2 Out-of-Bounds Vulnerability
What is the Vulnerability? A critical Out-of-Bounds Write vulnerability (CVE-2025-9242) exists in the WatchGuard Fireware OS iked process, which handles IKEv2 VPN connections. The flaw allows a remote, unauthenticated attacker to execute arbitrary code on affected devices. The vulnerability impacts both: – Mobile user VPNs using IKEv2, and – Branch Office VPNs using IKEv2 when…
-
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach
SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. “The malicious activity – carried out by a state-sponsored threat actor – was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call,”…
-
APT ‘Bronze Butler’ Exploits Zero-Day to Root Japan Orgs
A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese businesses.
-
Nikkei Suffers Breach Via Slack Compromise
The Japanese media giant said thousands of employee and business partners were impacted by an attack that compromised Slack account data and chat histories.
-
Faster, safer, stronger: Sophos Firewall v22 security enhancements
Hardened kernel, remote integrity monitoring, an enhanced anti-malware engine, and more.
-
5 ways to strengthen your firewall and endpoint’s defenses against ransomware
Sophos Firewall uses intelligent TLS inspection and AI-powered analysts to reveal hidden threats — without compromising performance.
-
Operational Technology Security Poses Inherent Risks for Manufacturers
Despite increased awareness, manufacturers continue to face an onslaught of attacks.
-
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. “PROMPTFLUX is written in VBScript and interacts with Gemini’s API to request specific…