Multiple high-severity cybersecurity threats have been reported in May 2025, impacting widely used software and critical sectors.

Google Chrome users are urged to update their browsers immediately after the discovery and active exploitation of a critical zero-day vulnerability, CVE-2025-4664, in Chrome's Loader component. This flaw allows attackers to steal sensitive data, such as account credentials, via crafted HTML and image traps. Google released emergency patches in versions 136.0.7103.113 for Windows and Linux, 136.0.7103.114 for macOS, and 136.0.7103.125 for Android. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability, as well as CVE-2025-4609, to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by June 5. The Chrome vulnerabilities, discovered by Solidlab researcher Vsevolod Kokorin, enable malicious sites to bypass Chrome's same-origin policy and access sensitive data from other sites, potentially leading to account takeovers. Other Chromium-based browsers, including Brave, Microsoft Edge, and Vivaldi, are expected to release updates. The Chrome update also addresses additional flaws, including one in the Mojo component.

A new Windows-based botnet, HTTPBot, first detected in August 2024, has launched over 200 targeted distributed denial-of-service (DDoS) attacks since April 2025, mainly affecting gaming, technology, and education sectors in China. HTTPBot uses an attack ID for precise control and supports seven HTTP-based DDoS methods, including simulating real browser behavior with Chrome instances, cookies, and HTTP/2 protocol. The botnet targets Windows systems and focuses on high-value business interfaces such as login and payment systems.

Additional vulnerabilities reported include a zero-day chained attack in Ivanti EPMM and ongoing attacks on SAP NetWeaver. A flaw in the TeleMessage Signal app, despite a low CVSS score, was added to CISA's catalog due to its use by national security officials and the risk of message history exposure.
[Virtual Event] Strategic Security for the Modern Enterprise: https://t.co/qbbHzY61il by darkreading #infosec #cybersecurity #technology #news
CVE Disruption Threatens Foundations of Defensive Security: https://t.co/l1ItpsCmBk by darkreading #infosec #cybersecurity #technology #news
A flaw in the TeleMessage Signal app, plus its use by high-profile national security officials, was enough to land it on the @CISAgov Known Exploited Vulnerabilities (KEV) catalog despite its low CVSS score of 1.9. #cybersecurity #infosec #ITsecurity https://t.co/6KUIBZpJ9L