Abhimanyu Singh

Engineering Manager

About the author

Engineering Manager driving innovation in AI-powered SEO automation. Leads the development of systems that automatically build and maintain scalable SEO portals from Google Search Console data. Oversees the design and delivery of automation pipelines that replace traditional $360K/year content teams—aligning engineering execution with business outcomes.

Connect

ChatGPT Vulnerability: SVGs Used for Phishing Attacks Surge 245%

A critical security vulnerability in ChatGPT has been identified, enabling attackers to embed malicious SVG (Scalable Vector Graphics) and image files within shared conversations. This flaw, documented as CVE-2025-43714, is active until March 30, 2025. Researchers found that instead of treating SVG code as text, ChatGPT executes these elements when a chat is reopened or shared via links. This creates a stored cross-site scripting (XSS) vulnerability. The researcher, zer0dac, stated, “The ChatGPT system through 2025-03-30 performs inline rendering of SVG documents instead of rendering them as text inside a code block, which enables HTML injection within most modern graphical web browsers.”

May 20, 2025 3 min read

Marbled Dust Hackers Exploit Output Messenger Zero-Day in Espionage

A Türkiye-backed cyberespionage group, known as Marbled Dust, exploited a zero-day vulnerability in Output Messenger, specifically targeting users linked to the Kurdish military in Iraq. The flaw, identified as CVE-2025-27920, is a directory traversal vulnerability in the LAN messaging application. Microsoft Threat Intelligence analysts reported that this vulnerability could allow authenticated attackers to access sensitive files outside the intended directory or deploy malicious payloads on the server's startup folder.

May 13, 2025 4 min read

Ultimate Guide to Effective Vulnerability Management Strategies

Vulnerability management is essential in cybersecurity, as it involves continuously assessing IT environments for security flaws. Organizations must prioritize and address these vulnerabilities to minimize their attack surface. The process is not only about finding flaws but also understanding which ones pose real risks and taking appropriate action.

May 5, 2025 3 min read

M&S Faces Cyber Attack Disrupting Stores and Services

Marks and Spencer (M&S) is currently dealing with a significant cyber attack that has severely impacted its operations. The attack has led to the suspension of online ordering systems and has resulted in empty shelves across various stores. Initial reports indicate that a ransomware group known as DragonForce may be behind the attack, which has raised concerns about the potential extortion of the retailer.

Apr 30, 2025 3 min read

Global Malware Operation 'DollyWay' Compromises Over 20,000 WordPress Sites with Crypto-Draining Malware

DollyWay is a long-running malware campaign that has compromised over 20,000 WordPress sites globally. The operation primarily targets WordPress sites, using a sophisticated approach to maintain control and inject malware. The malware redirects visitors to scam pages via traffic broker networks.

Mar 20, 2025 4 min read

New PAN-OS Authentication Bypass Vulnerability Exploited by Hackers

Palo Alto Networks has released a patch for a high-severity authentication bypass vulnerability, identified as CVE-2025-0108, affecting their PAN-OS software. GreyNoise has observed active exploitation attempts targeting this vulnerability.

Feb 14, 2025 4 min read

1 2 3

3 / 3