Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched...
Read more →Author: Cybernoz
New XWorm V6 Variant Injects Malicious Code into a Legitimate Windows Program
The resurgence of XWorm in mid-2025 marks a significant escalation in malware sophistication. After a lull following the abrupt discontinuation...
Read more →
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum...
Read more →
How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity...
Read more →
Software engineering limited by lack of full automation
A survey by Coleman Parkes for Harness has found that the use of artificial intelligence (AI) in software development is...
Read more →
Critical Splunk Vulnerabilities Affect Multiple Versions
Splunk has disclosed six critical security vulnerabilities impacting multiple versions of both Splunk Enterprise and Splunk Cloud Platform. These Splunk...
Read more →
Unauthenticated RCE Flaw Patched in DrayTek Routers
DrayTek on Thursday announced patches for an unauthenticated remote code execution (RCE) vulnerability affecting DrayOS routers. Tracked as CVE-2025-10547, the...
Read more →
Gmail business users can now send encrypted emails to anyone
Google says that Gmail enterprise users can now send end-to-end encrypted emails to people who use any email service or...
Read more →
Chinese Hackers Compromising High-Value IIS Servers to Manipulate Search Rankings
The Chinese-speaking cybercrime group UAT-8099 has been stealthily breaching valuable Internet Information Services (IIS) servers in India, Thailand, Vietnam, Canada,...
Read more →
Hackers Exploit Grafana Vulnerability Allowing Arbitrary File Reads
Researchers at GreyNoise observed a sudden spike in attempts to exploit a well-known Grafana flaw. This vulnerability, tracked as CVE-2021-43798,...
Read more →
Organizations Warned of Exploited Meteobridge Vulnerability
The US cybersecurity agency CISA on Thursday warned that a Meteobridge vulnerability patched in May has been exploited in attacks...
Read more →
Threat Actors Leveraging WhatsApp Messages to Attack Windows Systems With SORVEPOTEL Malware
Enterprise networks worldwide are facing an aggressive, self-propagating malware campaign that exploits WhatsApp as its primary delivery mechanism. First observed...
Read more →