A novel zero-day vulnerability in Oracle E-Business Suite (CVE-2025-61882) is being actively exploited in a large-scale data exfiltration campaign, with CrowdStrike Intelligence attributing primary involvement…
Thank you for joining! Access your Pro+ Content below. 7 October 2025 Is the UK’s digital ID scheme doomed to fail? Share this item with…
Recorded Future has uncovered ties between the Beijing Institute of Electronics Technology and Application (BIETA) and China’s Ministry of State Security (MSS), the country’s primary…
A sophisticated cyberattack has compromised Red Hat Consulting’s infrastructure, potentially exposing sensitive data from over 5,000 enterprise customers worldwide. The breach, executed by the extortion…
The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign…
A team of researchers from the University of California, Irvine, has discovered a security risk right on your desk. It turns out that your high-performance…
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security…
A recently patched vulnerability in Fortra GoAnywhere MFT (Managed File Transfer) was exploited as a zero-day by a Chinese ransomware group, Microsoft reports. The flaw,…
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the Storm-1175 group to execute the Medusa ransomware.…
In recent years, adversaries have abandoned traditional malware in favor of “living-off-the-land” operations against cloud and SaaS environments. Rather than deploying custom ransomware binaries, many…
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in…
A critical-severity vulnerability that lingered in Redis for 13 years potentially exposes 60,000 servers to exploitation, cybersecurity firm Wiz warns. Redis is an open source…
