When ChatGPT first came out, I asked a panel of CISOs what it meant for their cybersecurity programs. They recognized impending changes, but reflected on […]
Author: cyberbytes
Xiaomi Interoperability App Flaw Allows Unauthorized Access to User Devices
A critical security vulnerability, tracked as CVE-2024-45347, has been discovered in Xiaomi’s Mi Connect Service App, exposing millions of users to the risk of unauthorized […]
OWASP Launches AI Testing Guide to Uncover Vulnerabilities in AI Systems
As artificial intelligence (AI) becomes a cornerstone of modern industry, the Open Web Application Security Project (OWASP) has announced the release of its AI Testing […]
Advanced Malware Campaign Targets WordPress and WooCommerce Sites with Hidden Skimmers
The Wordfence Threat Intelligence Team uncovered a sophisticated malware campaign during a routine site cleanup, revealing a family of malicious code targeting WordPress and WooCommerce […]
Iranian cyber threats overhyped, but CISOs can’t afford to let down their guard
Over the past ten days, real-world military attacks have fostered fears that Iranian threat actors would launch cyberattacks on US organizations as part of a […]
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system […]
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code […]
Notepad++ Vulnerability Allows Full System Takeover — PoC Released
A critical privilege escalation vulnerability (CVE-2025-49144) in Notepad++ v8.8.1 enables attackers to achieve full system control through a supply-chain attack. The flaw exploits the installer’s […]
New Echo Chamber Attack Breaks AI Models Using Indirect Prompts
A groundbreaking AI jailbreak technique, dubbed the “Echo Chamber Attack,” has been uncovered by researchers at Neural Trust, exposing a critical vulnerability in the safety […]
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the […]