• CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices:

    • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) identified a security flaw in SonicWall Secure Mobile Access (SMA) 100 Series gateways being actively exploited.

  • Apple Patches Two Actively Exploited iOS Flaws:

    • Apple released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two actively exploited security flaws.

  • New Windows Task Scheduler Bugs Discovered:

    • Cybersecurity researchers found four vulnerabilities in the Windows task scheduling service that could allow local attackers to escalate privileges.

  • Over 16,000 Fortinet devices compromised with symlink backdoor:

    • More than 16,000 Fortinet devices were discovered to be compromised with a symlink backdoor, granting read-only access to sensitive files.

  • Google Blocked 5.1B Harmful Ads in 2024:

    • Google revealed it suspended over 39.2 million advertiser accounts in 2024 and blocked 5.1 billion harmful ads.

  • Gamma AI Platform Abused in Phishing Chain:

    • Threat actors are using an AI-powered platform called Gamma in phishing attacks to direct users to fake Microsoft login pages.

  • Ransomware Gang ‘CrazyHunter’ Targets Critical Taiwanese Orgs:

    • Trend Micro researchers identified a new ransomware group named “CrazyHunter” targeting critical sectors in Taiwan.

  • Patch Now: NVIDIA Flaws Expose AI Models, Critical Infrastructure:

    • A critical flaw in a tool for running GPU-accelerated containers exposed vulnerabilities in AI models and critical infrastructure.

  • CISA extends funding to ensure ’no lapse in critical CVE services’:

    • CISA extended funding to MITRE to ensure the continuity of the Critical Common Vulnerabilities and Exposures (CVE) program.

  • Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps:

    • Chinese Android smartphones were found to have trojanized apps posing as WhatsApp and Telegram, containing cryptocurrency clipper functionality.