OpenAI Set to Acquire Analytics Platform Statsig in $1.1 Billion Agreement
OpenAI announced today its definitive agreement to acquire Statsig, a product experimentation and analytics platform, for $1.1 billion. The acquisition is a key move by…
Category: CyberSecurityNews
Chrome 140 Released With Fix For Six Vulnerabilities that Enable Remote Code Execution Attacks
Google has officially promoted Chrome 140 to the stable channel, initiating a multi-platform rollout for Windows, Mac, Linux, Android, and iOS. The update brings the…
PoC Exploit Released for IIS WebDeploy Remote Code Execution Vulnerability
A proof-of-concept exploit for CVE-2025-53772, a critical remote code execution vulnerability in Microsoft’s IIS Web Deploy (msdeploy) tool, was published this week, raising urgent alarms across the .NET…
Android Security Update – Patch for 0-Day Vulnerabilities Actively Exploited in Attack
In response to the discovery of actively exploited 0-day vulnerabilities, Google has released its September 2025 Android Security Bulletin, rolling out patch level 2025-09-05 to…
CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks
CISA has issued an urgent advisory concerning a newly disclosed zero-day vulnerability in Meta Platforms’ WhatsApp messaging service (CVE-2025-55177). This flaw, categorized under CWE-863: Incorrect…
New TinyLoader Malware Attacking Windows Users Via Network Shares and Fake Shortcuts Files
A stealthy new malware loader dubbed TinyLoader has begun proliferating across Windows environments, exploiting network shares and deceptive shortcut files to compromise systems worldwide. First…
Hackers Leverage Hexstrike-AI Tool to Exploit Zero Day Vulnerabilities Within 10 Minutes
Threat actors are rapidly weaponizing Hexstrike-AI, a recently released AI-powered offensive security framework, to scan for and exploit zero-day CVEs in under ten minutes. Originally…
AI-Powered Cybersecurity Tools Can Be Turned Against Themselves Through Prompt Injection Attacks
AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks, allowing adversaries to hijack automated agents and gain unauthorized system access. Security researchers…
Cloudflare Confirms Data Breach, Hackers Stole Customer Data from Salesforce Instances
Cloudflare has confirmed a data breach where a sophisticated threat actor accessed and stole customer data from the company’s Salesforce instance. The breach was part…
New Phishing Attack Via OneDrive Attacking C-level Employs for Corporate Credentials
A sophisticated spear-phishing campaign has emerged targeting senior executives and C-suite personnel across multiple industries, leveraging Microsoft OneDrive as the primary attack vector. The campaign…
ESPHome Web Server Authentication Bypass Vulnerability Exposes Smart Devices
A critical security vulnerability discovered in ESPHome’s web server component has exposed thousands of smart home devices to unauthorized access, effectively nullifying basic authentication protections…
Google Confirms That Claims of Major Gmail Security Warning are False
Google has officially debunked widespread reports claiming the company issued a major security warning to Gmail users, clarifying that such claims are entirely false. The…