Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the…
Category: Bleeping Computer
Microsoft warns that Windows 10 reaches end of support today
Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities.…
Security firms debate CVE credit in overlapping vulnerability reports
Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability disclosures and backdating blog posts. According to the company, Gecko filed…
The Hidden Security Shifts No One Expects
Written by Ido Shlomo, Co-Founder and CTO, Token Security AI assistants are no longer summarizing meeting notes, writing emails, and answering questions. They’re taking action,…
Secure Boot bypass risk on nearly 200,000 Linux Framework sytems
Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot…
Chinese hackers abuse geo-mapping tool for year-long persistence
Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a…
Microsoft restricts IE mode access in Edge after zero-day attacks
Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access…
SimonMed says 1.2 million patients impacted in January data breach
U.S. medical imaging provider SimonMed Imaging is notifying more than 1.2 million individuals of a data breach that exposed their sensitive information. SimonMed Imaging is…
Massive multi-country botnet targets RDP services in the US
A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. The campaign started on October 8…
Microsoft investigates outage affecting Microsoft 365 apps
Microsoft is investigating an ongoing incident that is preventing some customers from accessing Microsoft 365 applications. While the company has yet to share which regions…
SonicWall VPN accounts breached using stolen creds in widespread attacks
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. Although in some…
Meet Varonis Interceptor: AI-Native Email Security
Today, we are excited to announce Varonis Interceptor, AI-native email security. AI has enabled a new breed of email threats that are more deceptive than…