Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. […]
OpenAI releases $4 ChatGPT plan, but it’s not available in the US for now
OpenAI has finally announced the GPT Go subscription, which costs just $4 in the US or INR 399 in India. […]
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT.
The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today.
The
The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today.
The
Pharma firm Inotiv says ransomware attack impacted operations
American pharmaceutical company Inotiv has disclosed that some of its systems and data have been encrypted in a ransomware attack, impacting the company’s business operations. […]
Microsoft Dissects PipeMagic Modular Backdoor
PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility.
The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek.
Microsoft: August security updates break Windows recovery, reset
Microsoft has confirmed that the August 2025 Windows security updates are breaking reset and recovery operations on systems running Windows 10 and older versions of Windows 11. […]
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft.
The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said.
The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said.
CVE-2025-31324 (CVSS score: 10.0) – Missing
Australia’s TPG Telecom Investigating iiNet Hack
TPG Telecom has disclosed a cybersecurity incident after discovering unauthorized access to an iiNet order management system.
The post Australia’s TPG Telecom Investigating iiNet Hack appeared first on SecurityWeek.
Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data
Britain abandoned its demand that Apple provide backdoor access to any encrypted user data stored in the cloud.
The post Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data appeared first on SecurityWeek.
NY Business Council discloses data breach affecting 47,000 people
The Business Council of New York State (BCNYS) has revealed that attackers who breached its network in February stole the personal, financial, and health information of over 47,000 individuals. […]