Synology Vulnerability Allows Remote Code Execution
A major security flaw in Synology’s DiskStation Manager (DSM) software could allow remote attackers to take full control of affected systems—no user interaction required. Synology, a leading provider of network-attached storage (NAS) systems used by businesses and individuals for secure file storage and backup, confirmed the vulnerability after it was publicly demonstrated at the Pwn2Own […]
Google Confirms Data Deletion Error in Drive and Photos
Google has admitted to a technical error that caused some users’ files to be accidentally and permanently deleted from Google Drive and Google Photos. The issue happened during server maintenance and affected an unknown number of users. According to a report from Forbes, users began reporting missing files earlier this month, including documents, backups, photos, […]
Cloudflare Unveils ‘AI Labyrinth’ to Thwart Unauthorized Web Scraping
Cloudflare has introduced ‘AI Labyrinth,’ an innovative tool designed to combat unauthorized web scraping by AI bots. This free, opt-in feature detects inappropriate bot behaviour and diverts malicious crawlers into an endless series of AI-generated decoy pages, effectively consuming their resources and hindering data extraction efforts. Traditional methods, such as the ‘robots.txt’ file, rely on […]
Anthropic’s Claude Now Has Real-Time Web Search, Playing Catch Up With OpenAI
Anthropic has announced that its AI assistant, Claude, now possesses real-time web search capabilities, enabling it to access and process up-to-date information from the internet. Although reports are that this feature is currently available to paid users in the United States, with plans to expand access in the near future, we were able to get […]
OpenAI Introduces GPT-4o Voice Models, Simplifying Speech Integration for Developers
OpenAI has unveiled three new voice AI models—gpt-4o-transcribe, gpt-4o-mini-transcribe, and gpt-4o-mini-tts—designed to streamline the addition of speech capabilities to applications. These models, accessible via OpenAI’s API, enable developers to incorporate speech-to-text and text-to-speech functionalities into their apps with minimal effort. citeturn0search1 Building upon the GPT-4o architecture introduced in May 2024, these models have undergone extensive […]
New Browser-in-the-Middle Attack Bypasses MFA, Steals User Sessions in Seconds
A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and hijack user sessions within seconds. This method exploits web browser functionalities to intercept authenticated sessions, posing a significant threat to organizations relying on traditional security measures. citeturn0search0 In a BitM attack, victims are directed through an attacker-controlled […]
Oracle Cloud Hit By Biggest Supply Chain Attack of 2025 – 140,000 Businesses At Risk
A significant security breach has compromised Oracle Cloud’s infrastructure, exposing approximately 6 million records and placing over 140,000 businesses at risk. Cybersecurity firm CloudSEK identified the breach on March 21, 2025, attributing it to a threat actor known as “rose87168.” The attacker is not well known in cybersecurity circles, but has demonstrated what experts are […]
CISA Red Team Terminations Raise Concern Over U.S. Cybersecurity
Recent operational upheavals within the Cybersecurity and Infrastructure Security Agency’s (CISA) Red Team are prompting serious concerns about the robustness of U.S. cyber defenses. The Red Team, tasked with simulating cyberattacks to identify vulnerabilities in federal systems, has experienced significant disruptions due to budgetary measures implemented by the Department of Government Efficiency (DOGE). In late […]
