Cyber Briefing: 2025.04.28
New AI flaws, CVEs, and cyberattacks expose critical risks, stealth tactics, and major breaches across tech giants, DeFi platforms, government sites, and global privacy frameworks.
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
👉 What's happening in cybersecurity today?
🚨 Cyber Alerts
1. AI Vulnerabilities Found in Major Platforms
Researchers have discovered serious vulnerabilities in generative AI systems used by companies like OpenAI, Microsoft, and Google. These flaws allow attackers to bypass safety features, enabling the generation of dangerous or prohibited content. Two distinct techniques, one known as “Inception” and another involving response manipulation, exploit these weaknesses across multiple AI platforms. As these vulnerabilities affect key AI services, experts urge further security improvements to prevent malicious exploitation.
2. iOS Vulnerability Lets Apps Disable Devices
A critical vulnerability in iOS allows malicious applications to disable devices permanently with just a single line of code. The flaw, CVE-2025-24091, exploits the Darwin notifications system, a low-level messaging mechanism in iOS. By sending certain system-level notifications, an attacker can trigger an endless reboot loop, effectively “bricking” the device and forcing a system restore. This vulnerability can be triggered by any sandboxed app or widget extension, requiring no special privileges.
3. SAP NetWeaver Zero-Day Vulnerability Exposed
Shadow Servers recently identified a critical vulnerability in SAP NetWeaver systems, tracked as CVE-2025-31324. The flaw, affecting the Metadata Uploader component, allows unauthenticated attackers to upload malicious files to the system, potentially compromising it. The vulnerability carries a maximum CVSS severity score of 10.0, is reached through the "/developmentserver/metadatauploader" endpoint, and is especially dangerous because it requires no authentication or user interaction.
💥 Cyber Incidents
4. Loopscale DeFi Protocol Loses $5.8M in Hack
On April 26, the Solana-based decentralized finance protocol Loopscale suffered a significant exploit, resulting in a theft of approximately 5.7 million USDC and 1,200 Solana. The hack was carried out through a series of undercollateralized loans, impacting the protocol’s USDC and SOL vaults and leading to a loss of around 12% of Loopscale’s total value locked (TVL). Following the incident, Loopscale temporarily halted some functions, including Vault withdrawals, while resuming loan repayments and top-ups.
5. Army College of Nursing Hacked in India
The Army College of Nursing’s website in New Delhi was hacked by the Pakistan-based hacker group Team Insane PK. This attack occurred just days after the deadly terrorist strike in Jammu and Kashmir’s Pahalgam, heightening already tense relations between India and Pakistan. The hackers left an inflammatory message on the website, discussing themes related to the two-nation theory, further aggravating the situation. The breach coincided with India’s announcement of several retaliatory measures against Pakistan, including suspending the Indus Waters Treaty and expelling Pakistani diplomats from New Delhi.
6. Nuremberg City Website Down Due to DDoS
On April 25, 2025, the German city of Nuremberg's website suffered a DDoS attack, which caused significant disruptions. The attack targeted the servers, overwhelming them with excessive traffic and making municipal services, including search engines and contact forms, temporarily inaccessible. While the city's internal IT systems were not affected, the cybercrime department launched an investigation into the external attack. By the afternoon, the website was restored to full functionality, and all online services
📢 Cyber News
7. US FTC Updates Children's Privacy Rule
The US Federal Trade Commission (FTC) has finalized an updated version of the Children’s Online Privacy Protection Act (COPPA) rule, which will take effect on June 23, 2025. This update enhances protections for children's online privacy by imposing stricter requirements on websites and apps, including the creation of information security programs that must be monitored for risks annually. The rule also includes tougher data retention and deletion policies, with clearer disclosures about how children’s data is collected, used, and shared with third parties.
8. UK to Ban SIM Farms to Combat Mobile Fraud
The UK government is set to introduce a ban on SIM farms in an effort to combat mobile phone fraud. SIM farms, which contain multiple SIM cards, are often used by cybercriminals to carry out large-scale fraud operations like smishing campaigns. The ban will take effect six months after the Crime and Policing Bill receives Royal Assent, with fines for violators reaching up to £5000 in Scotland and Northern Ireland, and unlimited fines in England and Wales. As fraud continues to rise, industry leaders like Vodafone UK emphasize the importance of collaboration between the government and telecom operators to protect the public.
9. Brave Launches Cookiecrumbler to Block Ads
Brave has launched Cookiecrumbler, an open-source tool that detects and blocks cookie consent banners using large language models (LLMs). This tool aims to refine Brave’s existing approach to blocking cookies, which, since 2022, has caused issues like broken checkout flows and layout problems. By using AI, Cookiecrumbler classifies cookie consent notices and suggests fixes, which are then manually reviewed and published on GitHub for the community to address. It operates entirely on Brave’s backend, ensuring no user data is collected, and avoids interfering with user sessions.
💡 Cyber Tip
Patch Critical SAP NetWeaver Systems Immediately to Prevent Exploits
A zero-day vulnerability in SAP NetWeaver (CVE-2025-31324) allows unauthenticated attackers to upload malicious files and fully compromise systems without user interaction.
✅ Actions You Should Take:
Update SAP systems – Apply the latest patches from SAP to eliminate the vulnerability immediately.
Restrict access – Limit exposure to the Metadata Uploader endpoint to trusted internal networks only.
Monitor for anomalies – Watch for unusual file uploads and system behavior that could indicate compromise.
Why it matters: This CVSS 10.0 flaw allows attackers to hijack critical infrastructure easily, making rapid patching and monitoring essential to prevent serious breaches.
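One way to act on the "Restrict access" and "Monitor for anomalies" steps above, as an added example that is not from this newsletter or from SAP: a small scan of web access logs for requests to the Metadata Uploader endpoint, graded by whether the client sits outside the trusted network and whether an upload was accepted. The Common Log Format, the `10.0.0.0/8` trusted range, and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

ENDPOINT = "/developmentserver/metadatauploader"  # path named in the alert
# Assumption: networks allowed to reach the endpoint; adjust to your environment.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]
# Assumption: access log in Common Log Format (client, timestamp, request, status).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def is_trusted(client):
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:          # hostname or garbage in the client field
        return False
    return any(addr in net for net in TRUSTED_NETS)

def scan(lines):
    """Return {client: [(timestamp, method, status, severity), ...]} for uploader hits."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue            # unparseable line, skip
        path = m["path"].split("?", 1)[0].lower()
        if not path.startswith(ENDPOINT):
            continue
        status = int(m["status"])
        if is_trusted(m["ip"]):
            severity = "review"     # internal use: confirm it is expected
        elif m["method"] == "POST" and 200 <= status < 300:
            severity = "critical"   # external upload was accepted
        else:
            severity = "high"       # external probe or rejected request
        hits[m["ip"]].append((m["ts"], m["method"], status, severity))
    return dict(hits)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [26/Apr/2025:10:01:02 +0000] "POST /developmentserver/metadatauploader HTTP/1.1" 200 512',
    '203.0.113.7 - - [26/Apr/2025:10:01:09 +0000] "GET /developmentserver/metadatauploader HTTP/1.1" 404 0',
    '10.1.2.3 - - [26/Apr/2025:10:05:00 +0000] "POST /developmentserver/metadatauploader HTTP/1.1" 200 90',
    '198.51.100.9 - - [26/Apr/2025:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '198.51.100.9 - - [26/Apr/2025:10:06:30 +0000] "POST /developmentserver/metadatauploader HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for client, events in scan(SAMPLE).items():
        for event in events:
            print(client, *event)
```

Any `critical` or `high` result also means the access restriction is not in effect for that client, so it doubles as a check on the network control.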
📚 Cyber Book
Kali Linux Penetration Testing Bible by Gus Khawaja
Copyright © 2025 CyberMaterial. All Rights Reserved.