CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in…
Category: TheHackerNews
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
Oct 06, 2025Ravie LakshmananNetwork Security / Cyber Espionage A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to…
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Oct 06, 2025Ravie LakshmananMalware / Data Breach Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search…
5 Critical Questions For Adopting an AI Security Solution
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory…
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oct 06, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it…
One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief
Oct 04, 2025Ravie LakshmananAgentic AI / Enterprise Security Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet…
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day
Oct 04, 2025Ravie LakshmananVulnerability / Network Security Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo…
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from…
Adds Device Fingerprinting, PNG Steganography Payloads
The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship…
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL
Oct 03, 2025Ravie LakshmananMalware / Online Security Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging…