‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The…
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot
A Russia-aligned hacktivist gang has been tricked into targeting a honeypot disguised as a water treatment utility, cybersecurity company…
Google Warns of CL0P Ransomware Group Actively Exploiting Oracle E-Business Suite Zero-Day
The cybersecurity landscape faces a new and significant threat as the notorious CL0P ransomware group has launched a large-scale extortion…
Senators Peters and Rounds Introduce Bipartisan Bill to Restore Cybersecurity Protections
In a renewed push to safeguard America’s digital infrastructure, U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced…
7-Zip Vulnerabilities Allows Remote Attackers to Execute Arbitrary Code
Two high-severity vulnerabilities have been discovered in the popular open-source file archiver, 7-Zip, which could allow remote attackers to…
CL0P Extortion: Google/Mandiant Expose Zero-Day RCE in Oracle E-Business Suite (CVE-2025-61882)
Google Threat Intelligence Group (GTIG) and Mandiant have jointly disclosed an extensive data theft and extortion campaign targeting Oracle…
RondoDox Botnet Unleashed: New Malware Uses ‘Exploit Shotgun’ to Target 50+ Router and IoT Flaws
Trend Micro has uncovered a rapidly expanding botnet campaign dubbed RondoDox, which is targeting a wide spectrum of internet-exposed devices…
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike…
Researchers Warn of Security Gaps in AI Browsers
A new report by security researchers at SquareX Labs has identified several architectural security weaknesses in AI browsers, including…
ClayRat Spyware Campaign Targets Android Users in Russia
A rapidly evolving Android spyware campaign known as “ClayRat” has been discovered targeting Russian users through Telegram…
From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine
Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025…
High Number of Windows 10 Users Remain as End-of-Life Looms
A significant proportion individual users and organizations still run the Windows 10 operating system, just days before it reaches its…
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that…
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it…
Nezha Tool Used in New Cyber Campaign Targeting Web Applications
A newly uncovered cyber campaign featuring the open-source tool Nezha has been observed targeting vulnerable web applications. Beginning in…
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring…
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens
Cybersecurity researchers at Point Wild’s Lat61 Threat Intelligence Team have found a new infostealer called Shuyal Stealer, a malware…
Evernote Relaunches as AI-First Note App with Semantic Search and OpenAI Assistant
Once the defining name in note-taking applications, Evernote had seen its presence wane in recent years. Yet under the stewardship of Italian…
Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog
A cross-site scripting (XSS) in Synacor Zimbra Collaboration Suite (ZCS) — tracked as CVE-2025-27915 — has been confirmed to be…
Actively Exploited: Critical Flaw CVE-2025-5947 (CVSS 9.8) Allows Unauthenticated Admin Takeover in WordPress Plugin
researchers at Wordfence have issued an urgent warning about an actively exploited authentication bypass in the Service Finder Bookings plugin…
Qilin Ransomware Gang Claims Asahi Cyber-Attack
The Qilin ransomware group has claimed responsibility for the cyber-attack on Japan’s Asahi Group and says it has stolen sensitive data…
BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers
A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job…
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as…
Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation
A critical security flaw in Redis, a popular in-memory database platform used by about 75% of cloud environments, has left an estimated 60,000…
Qilin Claims Ransomware Attack on Mecklenburg Schools
A ransomware attack that disrupted operations at Mecklenburg County Public Schools (MCPS) in early September has been claimed by the Russian…
Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability…
CrowdStrike Warns of New Mass Exploitation Campaign Leveraging Oracle E-Business Suite 0-Day
A widespread campaign observed exploiting a novel zero-day vulnerability in Oracle E-Business Suite (EBS) applications, now tracked as…
Security in AI Era: Protecting AI Workloads with Google Cloud
Network Infrastructure & Security are the foundation any day even in the AI era. The evolution of artificial intelligence, along with…
Researchers Uncover 13-Year-Old Redis Flaw Impacting Nearly 330,000 Instances
Researchers have uncovered a 13-year-old critical remote-code-execution flaw in Redis that let attackers escape the product’s Lua…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of…
Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign
A vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) tool with a CVSS score of 10.0 is being actively exploited in…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
If you use messaging apps in the United Arab Emirates (UAE), cybersecurity researchers at ESET have identified two mobile spyware campaigns…
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…
Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine…
Scanning of Palo Alto Portals Surges 500%
Security experts have observed a massive increase in reconnaissance activity targeted at login portals for Palo Alto Networks products.…
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How…
500X Surge in Scanning Targets Palo Alto and Cisco ASA
Enterprise security teams are on high alert after an extraordinary 500% spike in mass scanning activity was detected against Palo Alto…
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's…