Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vuln…
Clop raid on Oracle E-Business Suite started months ago, researchers warn
Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the…
INE Security Releases Industry Benchmark Report: “Wired Together: The Case for Cross-Training in Networking and Cybersecurity”
Raleigh, United States, October 7th, 2025, CyberNewsWire Report Shows Cross-Training as Strategic Solution to Operational Friction Between…
Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability…
CrowdStrike Warns of New Mass Exploitation Campaign Leveraging Oracle E-Business Suite 0-Day
A widespread campaign observed exploiting a novel zero-day vulnerability in Oracle E-Business Suite (EBS) applications, now tracked as…
Google's new AI bug bounty program pays up to $30,000 for flaws
This week, Google has launched an AI Vulnerability Reward Program dedicated to security researchers who find and report flaws in the company's…
Security in AI Era: Protecting AI Workloads with Google Cloud
Network Infrastructure & Security are the foundation any day even in the AI era. The evolution of artificial intelligence, along with…
Researchers Uncover 13-Year-Old Redis Flaw Impacting Nearly 330,000 Instances
Researchers have uncovered a 13-year-old critical remote-code-execution flaw in Redis that let attackers escape the product’s Lua…
Cisco ASA/FTD 0-Day Vulnerability Exploited for Authentication Bypass – PoC Released
Cisco has released advisories for a zero-day exploit chain affecting its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall…
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle…
Attackers Deployed Medusa Ransomware via GoAnywhere MFT Zero-Day
Cybercriminals exploited a critical deserialization flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) tool—tracked as…
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of…
Discord Reveals Data Breach Following Third-Party Compromise
Discord has revealed it has been targeted by a ransomware actor who has accessed customer data, including proof of age ID and billing…
New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations
A team of researchers from the University of California, Irvine, has discovered a security risk right on your desk. It turns out that your…
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the…
NCSC: Patch Critical Oracle EBS Bug Now
Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the…
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for…
Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign
A vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) tool with a CVSS score of 10.0 is being actively exploited in…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere…
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with…
Red Hat data breach escalates as ShinyHunters joins extortion
Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports…
What Security Teams Are Looking for in Identity Management Today
Identity management gives organizations better visibility and control over their identity infrastructure – if they use the right…
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware…
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
If you use messaging apps in the United Arab Emirates (UAE), cybersecurity researchers at ESET have identified two mobile spyware campaigns…
Microsoft: Running multiple Office apps causes Copilot issues
Microsoft is investigating a bug that causes Copilot issues when multiple Office apps are running simultaneously on the same system. According…
Zeroday Cloud hacking contest offers $4.5 million in bounties
A new hacking competition called Zeroday Cloud, focused on open-source cloud and AI tools, announced a total prize pool of $4.5…
ChatGPT Pulse is coming to the web, but no word on free or Plus roll out
OpenAI’s ChatGPT Pulse, which is a tool that gives you personalised updates based on usage patterns, is coming to the web. OpenAI began…
OpenAI is testing ChatGPT-powered Agent Builder
OpenAI is building a tool that will allow you to create your own AI Agents. AI startups are convinced AI agents are the future and…
Reemo Unveils Bastion+: A Scalable Solution for Global Privileged Access Management
Paris, France, October 6th, 2025, CyberNewsWire Reemo continues its mission to secure enterprise remote access and becomes the first French…
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on…
Europol Calls for Stronger Data Laws to Combat Cybercrime
Criminals are exploiting encryption, anonymization and new technologies faster than regulators and law enforcement can adapt, creating a…
Ransomware Group “Trinity of Chaos” Launches Data Leak Site
A new data leak site hosted on the TOR network has been launched by the “Trinity of Chaos” – a ransomware collective…
LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data
LinkedIn has filed a lawsuit against Delaware company ProAPIs Inc. and its founder and CTO, Rehmat Alam, for allegedly scraping legitimate…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the…
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on…
XWorm malware resurfaces with ransomware module, over 35 plugins
New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project…
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
5 Critical Questions For Adopting an AI Security Solution
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security…