Author: Uday Patil
-
ChatGPT SSRF Vulnerability Exploited by 10,000+ IPs Targeting US Agencies
CRITICAL CYBERSECURITY ALERT Date: November 2025 • Threat: CVE-2024-27564 (Server-Side Request Forgery) Why it matters: Threat actors are abusing ChatGPT’s pictureproxy component to force internal HTTP requests, harvesting data and targeting US government organizations. Threat researchers warn that CVE-2024-27564—a server-side request forgery (SSRF) flaw in OpenAI’s ChatGPT infrastructure—is being weaponized at scale. Veriti telemetry logged…
-
Chinese Cybersecurity Firm Data Breach: Knownsec Leak Exposes Global Target Lists
CRITICAL CYBERSECURITY ALERT Date: November 2025 • Source: MRXN Threat Intelligence Incident: Data breach at Knownsec reveals offensive cyber toolkits and worldwide surveillance targets. Why it matters: Provides rare insight into alleged state-aligned hacking campaigns and long-term infiltration of telecom, immigration, and infrastructure systems. A newly leaked archive from Knownsec, a major Chinese cybersecurity firm…
-
Google Warns of PROMPTFLUX Malware Using Gemini API to Rewrite Its Own Code – GTIG Threat Report
Google Threat Intelligence Group reveals experimental malware family PROMPTFLUX that leverages Gemini AI API to dynamically rewrite its own source code, marking a significant evolution in AI-assisted cyber threats URGENT CYBERSECURITY ALERT November 6, 2025 – Google Threat Intelligence Group Report WHAT HAPPENED: Google’s Threat Intelligence Group (GTIG) has unveiled details of PROMPTFLUX, an experimental…