A critical vulnerability affecting DrayOS routers could let unauthenticated attackers execute code remotely. Discovered on July 22 by Pierre-Yves Maes of ChapsVision, the flaw stems from the use of an uninitialized variable in the Web User Interface (WebUI). Crafting special…
Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT
In a recent wave of targeted phishing campaigns, the Cavalry Werewolf cluster has escalated its operations by impersonating government officials and deploying both FoalShell and StallionRAT malware. These tactics underscore the urgency of maintaining continuous cyber intelligence monitoring and implementing…
Oneleet Raises $33 Million for Security Compliance Platform
The cybersecurity startup will expand its engineering team, add more AI capabilities, and invest in go-to-market efforts. The post Oneleet Raises $33 Million for Security Compliance Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL
Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging app WhatsApp. The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems,…
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto…
New XWorm V6 Variant Embeds Malicious Code into Trusted Windows Applications
In the constantly evolving world of cyber threats, staying informed is not just an advantage; it’s a necessity. First observed in 2022, XWorm quickly gained notoriety as a highly effective malware, providing cybercriminals with a versatile toolkit for malicious activities.…
From threats to apology, hackers pull child data offline after public backlash
After posting children’s photos online and issuing ransom demands, cybercriminals targeting Kido nurseries say they’ve erased the stolen data. This article has been indexed from Malwarebytes Read the original article: From threats to apology, hackers pull child data offline after…
UK government says digital ID won’t be compulsory – honest
Even spy-tech biz Palantir says ‘steady on’ as 2.76M Brits demand it be ditched The British government has finally given more details about the proposed digital ID project, directly responding to the 2.76 million naysayers that signed an online petition…
How Fileless Malware Differs From Traditional Malware Attacks
The cybersecurity landscape has witnessed a dramatic evolution in attack methodologies, with fileless malware emerging as one of the most sophisticated and dangerous threats facing organizations today. Unlike traditional malware that relies on executable files stored on disk, fileless attacks…
Chinese Hackers Compromising High-Value IIS Servers to Manipulate Search Rankings
The Chinese-speaking cybercrime group UAT-8099 has been stealthily breaching valuable Internet Information Services (IIS) servers in India, Thailand, Vietnam, Canada, and Brazil to carry out extensive search engine optimization (SEO) fraud. This campaign, which began surfacing in early 2025, leverages…
DrayOS Routers Vulnerability Let Attackers Execute Malicious Code Remotely
A critical vulnerability has been discovered in DrayTek’s DrayOS routers, which could allow unauthenticated remote attackers to execute malicious code. The flaw, tracked as CVE-2025-10547, affects a wide range of Vigor router models, prompting administrators to apply security updates urgently.…
TOTOLINK X6000R Router Vulnerabilities Let Remote Attackers Execute Arbitrary Commands
Critical security flaws have been discovered in the TOTOLINK X6000R wireless router, exposing users to severe risks of remote code execution and unauthorized system access. These vulnerabilities affect the router’s web interface and various administrative functions, creating multiple attack vectors…
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.… This article has been indexed…
Unauthenticated RCE Flaw Patched in DrayTek Routers
The security defect can be exploited remotely via crafted HTTP/S requests to a vulnerable device’s web user interface. The post Unauthenticated RCE Flaw Patched in DrayTek Routers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core…
GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors
On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum xss[.]is advertising a novel Malware-as-a-Service (MaaS) offering. The post introduced GhostSocks, a service designed to turn compromised Windows machines into…
IT Security News Hourly Summary 2025-10-03 12h : 6 posts
6 posts were published in the last hour 10:2 : What Is Identity Threat Detection and Response? 10:2 : Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks 10:2 : Enterprise Vulnerability Management: Key Processes and Tools 10:2 :…
SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials
The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target government, defense, and critical infrastructure organizations through fake webmail portals. The campaign represents a significant escalation from the group’s August…
MokN Raises $3 Million for Phish-Back Solution
The French cybersecurity startup tricks attackers into revealing stolen credentials so they can be neutralized. The post MokN Raises $3 Million for Phish-Back Solution appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: MokN…
Organizations Warned of Exploited Meteobridge Vulnerability
Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges. The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT
A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker…
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Target Unpatched Flaws in Oracle E-Business Suite
Hackers Exploit Grafana Vulnerability Allowing Arbitrary File Reads
Researchers at GreyNoise observed a sudden spike in attempts to exploit a well-known Grafana flaw. This vulnerability, tracked as CVE-2021-43798, allows attackers to traverse paths on a server and read any file they choose. Over the course of a single…
Threat Actors Mimic Popular Brands to Deceive Users and Deploy Malware in New Wave of Attacks
Cybercriminals have launched a sophisticated campaign that leverages brand impersonation techniques to distribute malware through deceptive SMS phishing (smishing) attacks. This emerging threat demonstrates an evolution in social engineering tactics, where attackers strategically craft URLs containing trusted brand names to…