CrowdStrike Warns of New Mass Exploitation Campaign Leveraging Oracle E-Business Suite 0-Day
A widespread campaign observed exploiting a novel zero-day vulnerability in Oracle E-Business Suite (EBS) applications, now tracked as…
Security in AI Era: Protecting AI Workloads with Google Cloud
Network Infrastructure & Security are the foundation any day even in the AI era. The evolution of artificial intelligence, along with…
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle…
Attackers Deployed Medusa Ransomware via GoAnywhere MFT Zero-Day
Cybercriminals exploited a critical deserialization flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) tool—tracked as…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of…
Discord Reveals Data Breach Following Third-Party Compromise
Discord has revealed it has been targeted by a ransomware actor who has accessed customer data, including proof of age ID and billing…
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the…
NCSC: Patch Critical Oracle EBS Bug Now
Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the…
Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign
A vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) tool with a CVSS score of 10.0 is being actively exploited in…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with…
Red Hat data breach escalates as ShinyHunters joins extortion
Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports…
What Security Teams Are Looking for in Identity Management Today
Identity management gives organizations better visibility and control over their identity infrastructure – if they use the right…
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware…
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on…
Ransomware Group “Trinity of Chaos” Launches Data Leak Site
A new data leak site hosted on the TOR network has been launched by the “Trinity of Chaos” – a ransomware collective…
Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
Scanning of Palo Alto Portals Surges 500%
Security experts have observed a massive increase in reconnaissance activity targeted at login portals for Palo Alto Networks products.…
Asahi Confirms Ransomware Attack, Data Stolen from Servers
Asahi has confirmed it has been the victim of a ransomware attack, resulting in an “unauthorized transfer of data” from its…
Renault Informs Customers of Supply Chain Data Breach
Carmaker Renault has been forced to notify an unspecified number of customers that their personal data may have been compromised by threat…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the…
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform…
How Can IT Security Professionals Best Navigate the CMMC Maze?
For companies still treating the Cybersecurity Maturity Model Certification (CMMC) as an IT-only concern, the risks are growing. Developed by…
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How…
Addressing the CL0P Extortion Campaign Targeting Oracle E-Business Suite (EBS) Users
Cybereason is continuing to investigate. Check the Cybereason blog for additional updates. Overview and What Cybereason Knows So Far…
Breaking Point: Storage & Backup Systems
Surging Cyber Threats: Actively Exploited Vulnerabilities in Storage and Backup Systems Enterprise storage and backup systems have become a…
Clop Ransomware Targets Oracle E-Business Suite: Extortion Wave Hits Global Enterprises
A new wave of extortion attacks linked to the Clop ransomware group has recently shaken organizations using Oracle E-Business Suite (EBS),…
Innovator Spotlight: Singulr AI
The AI Governance Tightrope: Enabling Innovation Without Compromising Security Cybersecurity leaders are facing a critical inflection…
Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns
The cybersecurity firm Bitsight has issued a major warning about a rapid increase in critical systems left vulnerable on the public internet.…
AI on the Frontlines: How Agentic AI is Revolutionizing Cyber Defense
Quick Summary: AI agents enable security teams to surge ahead of the most advanced threats using automated decision-making, real…
Revolutionizing Third Party Risk Management: The Future with Autonomous Pen-Testing
In today’s interconnected digital landscape, businesses are more dependent than ever on third-party vendors and partners. While these…
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
Cybersecurity experts are on high alert as a group claiming ties to the infamous Cl0p ransomware gang is bombarding companies with emails that…
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Oracle has advised customers that hackers may be exploiting vulnerabilities in unpatched instances of its E-Business Suite (EBS). This follows…
WestJet Data Breach Impacts 1.2 Million Customers
Canadian airline WestJet has revealed that 1.2 million customers have been impacted by a data breach following a June 2025 cyber-attack. The…
Japan’s Beer Taps Fear Running Dry as Cyberattack on Asahi Disrupts Production
Japan’s largest brewery, Asahi Group Holdings, is racing against time as it struggles to recover from a cyberattack that has severely…
Your Easiest Fix: The 3 Golden Rules for a Password that AI Can’t Crack
October is here, and Cybersecurity Awareness Month 2025 is about to come into being. Department of Homeland Security (DHS) and CISA have…
Red Hat Confirms Data Breach After Hackers Claim to Steal 570GB of Private GitHub Repositories
Red Hat, the world’s leading enterprise open-source software provider, has officially confirmed a significant security incident…
Google Announces $4 Billion Arkansas Investment for New AI Data Center and 600 MW Solar Project
Google has announced plans to invest up to $4 billion in Arkansas by 2027, channeling resources into infrastructure, energy transition, and…
Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor
The Confucius group, a long-running cyber-espionage actor first identified in 2013, has resurfaced with a new wave of operations across South…
US Government Shutdown to Slash Federal Cybersecurity Staff
The US government shutdown will severely deplete federal cybersecurity capabilities, with the Cybersecurity and Infrastructure Security Agency…
The Digital Campus Challenge: Why Universities Need to Reassess Cyber Risks
In February 2024, several British universities were hit by a major DDoS attack. In the past, a disruption to connectivity would mostly…
Extortion Emails Sent to Executives by Self-Proclaimed Clop Gang Member
An individual or group of people claiming to be working with the Clop ransomware has been sending extortion emails to executives at several…