China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies acr…
Discord Reveals Data Breach Following Third-Party Compromise
Discord has revealed it has been targeted by a ransomware actor who has accessed customer data, including proof of age ID and billing…
New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations
A team of researchers from the University of California, Irvine, has discovered a security risk right on your desk. It turns out that your…
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the…
NCSC: Patch Critical Oracle EBS Bug Now
Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the…
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for…
Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign
A vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) tool with a CVSS score of 10.0 is being actively exploited in…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with…
Red Hat data breach escalates as ShinyHunters joins extortion
Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports…
What Security Teams Are Looking for in Identity Management Today
Identity management gives organizations better visibility and control over their identity infrastructure – if they use the right…
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware…
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
If you use messaging apps in the United Arab Emirates (UAE), cybersecurity researchers at ESET have identified two mobile spyware campaigns…
Microsoft: Running multiple Office apps causes Copilot issues
Microsoft is investigating a bug that causes Copilot issues when multiple Office apps are running simultaneously on the same system. According…
Zeroday Cloud hacking contest offers $4.5 million in bounties
A new hacking competition called Zeroday Cloud, focused on open-source cloud and AI tools, announced a total prize pool of $4.5…
ChatGPT Pulse is coming to the web, but no word on free or Plus roll out
OpenAI’s ChatGPT Pulse, which is a tool that gives you personalised updates based on usage patterns, is coming to the web. OpenAI began…
OpenAI is testing ChatGPT-powered Agent Builder
OpenAI is building a tool that will allow you to create your own AI Agents. AI startups are convinced AI agents are the future and…
Reemo Unveils Bastion+: A Scalable Solution for Global Privileged Access Management
Paris, France, October 6th, 2025, CyberNewsWire Reemo continues its mission to secure enterprise remote access and becomes the first French…
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on…
Europol Calls for Stronger Data Laws to Combat Cybercrime
Criminals are exploiting encryption, anonymization and new technologies faster than regulators and law enforcement can adapt, creating a…
Ransomware Group “Trinity of Chaos” Launches Data Leak Site
A new data leak site hosted on the TOR network has been launched by the “Trinity of Chaos” – a ransomware collective…
LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data
LinkedIn has filed a lawsuit against Delaware company ProAPIs Inc. and its founder and CTO, Rehmat Alam, for allegedly scraping legitimate…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on…
XWorm malware resurfaces with ransomware module, over 35 plugins
New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project…
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
5 Critical Questions For Adopting an AI Security Solution
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security…
Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
5 Critical Questions For Adopting an AI Security Solution
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite software that it said has been exploited…
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine…
Scanning of Palo Alto Portals Surges 500%
Security experts have observed a massive increase in reconnaissance activity targeted at login portals for Palo Alto Networks products.…
Asahi Confirms Ransomware Attack, Data Stolen from Servers
Asahi has confirmed it has been the victim of a ransomware attack, resulting in an “unauthorized transfer of data” from its…
Renault Informs Customers of Supply Chain Data Breach
Carmaker Renault has been forced to notify an unspecified number of customers that their personal data may have been compromised by threat…
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the…
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform…
Hackers exploited Zimbra flaw as zero-day using iCalendar files
Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in…
How Can IT Security Professionals Best Navigate the CMMC Maze?
For companies still treating the Cybersecurity Maturity Model Certification (CMMC) as an IT-only concern, the risks are growing. Developed by…