LinkedIn sued ProAPIs and its CEO Rahmat Alam for running millions of fake accounts to scrape and sell user data, charging up to $15,000 per month. LinkedIn has filed a lawsuit against the software firm ProAPIs and its CEO, Rahmat…
Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
Oracle fixed a critical flaw (CVE-2025-61882, CVSS 9.8) in E-Business Suite that is actively exploited by Cl0p cybercrime group. Oracle released an emergency patch to address a critical vulnerability, tracked as CVE-2025-61882 (CVSS 9.8) in its E-Business Suite. “Updated [10/04/2025]:…
Critical WhatsApp Zero Click Vulnerability Abused with DNG Payload
It has been reported that attackers are actively exploiting a recently discovered vulnerability in WhatsApp’s iOS application as a part of a sophisticated cyber campaign that underscores how zero-day vulnerabilities are becoming weaponised in today’s cyber warfare. With the…
Harrods Confirms Data Breach Exposing 430,000 Customer Records
Luxury retailer Harrods has confirmed a new data breach that exposed the personal details of around 430,000 e-commerce customers after hackers compromised one of its third-party suppliers. The company clarified that this incident is separate from the cyberattack it…
AI Turns Personal: Criminals Now Cloning Loved Ones to Steal Money, Warns Police
Police forces in the United Kingdom are alerting the public to a surge in online fraud cases, warning that criminals are now exploiting artificial intelligence and deepfake technology to impersonate relatives, friends, and even public figures. The warning, issued…
Hackers launch data leak site to extort 39 victims, or Salesforce
Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak site (Source:…
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear…
IT Security News Hourly Summary 2025-10-06 15h : 14 posts
14 posts were published in the last hour 13:3 : Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools 13:3 : Zero Trust Access Made Simple for Contractors 13:3 : Zabbix Agent and Agent 2 for Windows Vulnerability…
How Exposure Management Helped Three Companies Transform Their Cybersecurity Program
Part two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures. Key takeaways: Case studies of Drogaria Araujo, Tenable and Verizon…
New ‘Fully Undetectable’ Android RAT Discovered on GitHub
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart…
Radiant Group won’t touch kids’ data now, but apparently hospitals are fair game
Ransomware crooks utterly fail to find moral compass First they targeted a preschool network, now new kids on the ransomware block Radiant Group say they’ve hit a hospital in the US, continuing their deplorable early cybercrime careers.… This article has…
Microsoft and Steam Take Action as Unity Vulnerability Puts Games at Risk
The flaw could lead to local code execution, allowing attackers to access confidential information on devices running Unity-built applications. The post Microsoft and Steam Take Action as Unity Vulnerability Puts Games at Risk appeared first on SecurityWeek. This article has…
Sora 2 Unveiled To Mixed Reviews
Emerging AI, Google Updates, and Falling Satellites: A Tech Rundown In this episode of hashtag Trending, host Jim Love discusses the latest developments in AI and tech. Open AI’s new app Sora 2 promises revolutionary video generation capabilities, but early…
Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools
Cybersecurity researchers are reporting an alleged security breach involving Chinese technology giant Huawei Technologies, with hackers claiming to have accessed and leaked sensitive source code and internal development tools. The incident, which surfaced through social media channels, represents a potentially significant…
Zero Trust Access Made Simple for Contractors
Third-party contractors are critical for many organizations. They bring specialized skills, help scale projects quickly, and support both short-term initiatives and long-term business needs. Yet contractors also introduce unique security and operational challenges. Whether it’s a quick project or a…
Zabbix Agent and Agent 2 for Windows Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability has been discovered in Zabbix Agent and Agent 2 for Windows that allows attackers with local system access to escalate their privileges through DLL injection attacks. The flaw, tracked as CVE-2025-27237 with a CVSS score of…
Qantas Wins Injunction Before Data Leak
A new leak site, operated by Scattered LAPSUS$ Hunters, now threatens to publish data from 39 Salesforce customers by October 10. One of these The post Qantas Wins Injunction Before Data Leak first appeared on CyberMaterial. This article has been…
Abracadabra Hit by Third DeFi Hack
A DeFi project, Abracadabra, has been exploited, resulting in a loss of about $1.7 million. This is the third time the platform has been a victim of a security The post Abracadabra Hit by Third DeFi Hack first appeared on…
Extortion Group Launches Salesforce Data Leak
A new data leak site has been launched by a group of cybercriminals calling themselves Scattered Lapsus$ Hunters, which includes members The post Extortion Group Launches Salesforce Data Leak first appeared on CyberMaterial. This article has been indexed from CyberMaterial…
Oracle Issues Security Alert
Oracle has issued a Security Alert concerning a critical vulnerability, CVE-2025-61882, found in Oracle E-Business Suite versions 12.2.3 through 12.2.14. The post Oracle Issues Security Alert first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Discord Reveals Data Breach Incident
Hackers gained unauthorized access to a third-party customer service system used by Discord on September 20, leading to a data breach that affected The post Discord Reveals Data Breach Incident first appeared on CyberMaterial. This article has been indexed from…
Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882) [UPDATED[, (Mon, Oct 6th)
[Update: I added the server part delivering the payload] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882) [UPDATED[, (Mon, Oct…
Thieves steal IDs and payment info after data leaks from Discord support vendor
Outsourcing your helpdesk always seems like a good idea – until someone else’s breach becomes your problem Discord has confirmed customers’ data was stolen – but says the culprit wasn’t its own servers, just a compromised support vendor.… This article…
Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate
The threat group Scattered Lapsus$ Hunters, which last month said it was shutting down operations, is back with a data leak site listing dozens of high-profile Salesforce customers and claiming to have stolen almost 1 billion data files. The group…