Scattered Spider Targets Microsoft, Apple In Access Scheme
Scattered Spider has shifted its operational strategy, moving away from chaotic data leaks toward a more structured and professional model of cybercrime. Now functioning as…
Latest Cybersecurity News — Page 1349
View all →
CISA Warns of Windows Privilege Escalation Vulnerability Exploited in Attacks
CISA has issued an urgent security advisory, adding Microsoft Windows privilege escalation vulnerability CVE-2021-43226 to its Known Exploited Vulnerabilities (KEV) catalog on October 6, 2025. …
GoAnywhere 0-Day RCE Actively Exploited to Deliver Medusa Ransomware
A critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory…
U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 07, 2025 U.S. Cybersecurity…
Businesses fear AI is exposing them to more attacks
Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Artificial intelligence–powered attacks are the…
OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code
A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a…
Hackers Launch Leak Portal to Publish Data Stolen from Salesforce Instances
The hacker collective styling itself “Scattered Lapsus$ Hunters”—an alliance echoing elements of ShinyHunters, Scattered Spider, and Lapsus$—has launched an extortionware portal to pressure victims into…
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day Vulnerability in the Wild
Oracle has issued an emergency security alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite after the notorious Cl0p ransomware group began extorting…
Mustang Panda Adopts New DLL Side-Loading Method to Deploy Malware
The sophisticated China-linked threat actor Mustang Panda has refined its cyber espionage arsenal with an advanced DLL side-loading technique specifically targeting the Tibetan community, according to recent…
How to get better results from bug bounty programs without wasting money
The wrong bug bounty strategy can flood your team with low-value reports. The right one can surface critical vulnerabilities that would otherwise slip through. A…
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite…
NCSC Issues Alert on Active Exploitation of Oracle E-Business Suite 0-Day Vulnerability
The UK National Cyber Security Centre (NCSC) has issued a security alert following confirmation of active exploitation of a critical 0-day vulnerability, tracked as CVE-2025-61882,…