Tag: financial sector

CRITICAL CYBERSECURITY ALERT Date: November 2025 • Threat: CVE-2024-27564 (Server-Side Request Forgery) Why it matters: Threat actors are abusing ChatGPT’s pictureproxy component to force internal HTTP requests, harvesting data and targeting US government organizations. Threat researchers warn that CVE-2024-27564—a server-side request forgery (SSRF) flaw in OpenAI’s ChatGPT infrastructure—is being weaponized at scale. Veriti telemetry logged…