A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations worldwide between July and October 2025. The campaign, attributed to the notorious Clop ransomware group and linked…
TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access
A new global hacking campaign tracked as TamperedChef has emerged, exploiting everyday software names to trick users into installing malicious applications that deliver remote access tools. The campaign uses fake installers disguised as common programs like manual readers, PDF editors,…
Gmail is reading your emails and attachments to train its AI, unless you turn it off
A new Gmail update may allow Google to use your private messages and attachments for AI training. Here’s how to turn it off. This article has been indexed from Malwarebytes Read the original article: Gmail is reading your emails and…
Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’
A Chinese threat actor is exploiting known vulnerabilities in discontinued Asus devices in an Operational Relay Box (ORB) facilitation campaign. The post Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ appeared first on SecurityWeek. This article has been indexed from…
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at…
US and Allies Sanction Russian Bulletproof Hosting Service Providers
Media Land, Hypercore, and their leadership and employees are allegedly connected to various cybercriminal activities. The post US and Allies Sanction Russian Bulletproof Hosting Service Providers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. Multi-stage delivery Dubbed DigitStealer by Jamf researchers, this threat is unusually sophisticated. Before it’s run,…
Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
SquareX warns Perplexity’s Comet AI browser contains a hidden MCP API that bypasses security, allowing attackers to install malware and seize full device control. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and…
Scam USPS and E-Z Pass Texts and Websites
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale…
Critical N-able N-central Vulnerabilities Allow attacker to interact with legacy APIs and read sensitive files
N-able’s N-central remote management and monitoring (RMM) platform faces critical security risks following the discovery of multiple vulnerabilities. According to Horizon3.ai, it allows unauthenticated attackers to bypass authentication, access legacy APIs, and exfiltrate sensitive files, including credentials and database backups.…
Threat Actors Pioneering a New Operational Model That Combines Digital and Physical Threats
Nation-state actors are fundamentally changing how they conduct military operations. The boundary between digital attacks and physical warfare is disappearing rapidly. Instead of treating cybersecurity and military operations as separate activities, hostile nations are now blending them together in coordinated…
Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums
A threat actor known as Zeroplayer has reportedly listed a zero-day remote code execution (RCE) vulnerability, combined with a sandbox escape, targeting Microsoft Office and Windows systems for sale on underground hacking forums. Priced at $30,000, the exploit purportedly works…
Screen Sharing on WhatsApp Turns Costly with Major Financial Loss
Several disturbing patterns of digital deception have quietly developed in recent months, revealing just how readily everyday communications tools can be turned into instruments of financial ruin in an instant. According to security researchers, there has been an increase…
LG Energy Solution Hit by Akira Ransomware, Data Breach Confirmed
LG Energy Solution, a leading South Korean battery manufacturer with global operations, confirmed a significant ransomware incident affecting one of its overseas facilities in mid-November 2025. The company announced that only a “specific overseas facility” was targeted, emphasizing that…
Inside the dark web job market
This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025. This article has been indexed from Securelist Read the original article: Inside…
Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood
GlobalProtect login endpoints targeted, sparking concern that something bigger may be brewing Malicious traffic targeting Palo Alto Networks’ GlobalProtect portals surged almost 40-fold in the space of 24 hours, hitting a 90-day high and putting defenders on alert for whatever…
Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts
Researchers demonstrated a now-patched vulnerability that could have been used to enumerate all WhatsApp accounts. The post Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
SSL Certificate And SiteLock Security: Which One Do You Need?
What is an SSL Certificate? An SSL certificate is a digital file that verifies a website’s identity and establishes an encrypted connection between the server and a web browser. An SSL certificate allows for the safe transmission of sensitive data,…
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. “A key differentiator is its ability to bypass encrypted messaging,” ThreatFabric said in a report…
CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat
CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into…
Mozilla Firefox 145 Rolls Out With Advanced Fingerprint Protection
Taking another leap towards securing users’ digital privacy, Mozilla rolls out Firefox 145 with enhanced… Mozilla Firefox 145 Rolls Out With Advanced Fingerprint Protection on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article…
Researchers Disclosed Analysis of Rhadamanthys Loader’s Anti-Sandboxing and Anti-AV Emulation Features
Rhadamanthys has emerged as one of the most dangerous stealer malware programs since its first appearance in 2022. This advanced threat continues to challenge security teams with its ability to steal sensitive data from infected systems while avoiding detection by…
Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication
Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to gain full administrative access to the media server software. Rapid7 discovered that the vulnerabilities can be chained together to compromise administrator accounts without any user…
Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks
Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned…