Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown, as the scripts have…
OPSWAT’s MetaDefender Drive delivers portable, network-free threat scanning
OPSWAT launched MetaDefender Drive with Smart Touch, a portable cybersecurity device designed for malware and compliance scanning of transient cyber assets regardless of network connectivity. It works across servers, desktops, and laptops before they enter secure environments. The device lets…
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. “XWorm’s modular design is built around a core client and an array of specialized…
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just…
Cavalry Werewolf APT Targets Russian Organizations Using FoalShell and Telegram C2
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2). Security teams must prioritize real-time visibility into the tools employed by this group to maintain…
Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk
An extortion group calling itself Crimson Collective claimed responsibility for a major breach at Red Hat Consulting. With only 22 followers on Telegram at the time, the group’s rapid rise to notoriety has stunned security experts. By the end of…
Who Governs Your NHIs? The Challenge of Defining Ownership in Modern Enterprise IT
“Ownership” is one of the harder concepts to define in the modern enterprise. This feels deceptive because, from a personal and human level, ownership is a rather straightforward concept. When you own something as a person, like your car or…
AI-Enabled Influence Operation Against Iran
Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel. Key Findings A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer…
Troops and veterans’ personal information leaked in CPAP Medical data breach
The leak exposed the names, Social Security numbers, and health details of more than 90,000 military patients, troops, veterans, and their families. This article has been indexed from Malwarebytes Read the original article: Troops and veterans’ personal information leaked in…
Filigran Raises $58 Million in Series C Funding
The company plans to expand to new markets, fuel the development of a new module for its platform, and accelerate AI integration. The post Filigran Raises $58 Million in Series C Funding appeared first on SecurityWeek. This article has been…
IT Security News Hourly Summary 2025-10-07 12h : 13 posts
13 posts were published in the last hour 10:3 : Too salty to handle: Exposing cases of CSS abuse for hidden text salting 10:3 : Supreme Court Rejects Google Bid To Halt App Store Changes 10:2 : Hackers Exploit Legitimate…
Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations
BIETA and its subsidiary CIII research develop and sell technologies supporting China’s intelligence, counterintelligence, and military operations. The post Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations appeared first on SecurityWeek. This article has been indexed…
Understanding Eye Vein Biometrics
Explore eye vein biometrics for authentication. Learn about its technology, security, development aspects, and how it compares to passwordless authentication methods. The post Understanding Eye Vein Biometrics appeared first on Security Boulevard. This article has been indexed from Security Boulevard…
Spike in Login Portal Scans Puts Palo Alto Networks on Alert
The Palo Alto Networks login portals have seen a dramatic surge in suspicious scanning activity over the past month, a development that has caught the attention of the cybersecurity community. Evidence suggests that threat actors are trying to coordinate…
Fake SIM Cards Fuel Cybercrime Surge as Eastern Uttar Pradesh Emerges Under Scrutiny
A quiet digital crisis is spreading across India. In the past three months, the Department of Telecommunications (DoT) has disconnected more than 6.1 million mobile numbers after uncovering large-scale fraudulent registrations. Investigators say eastern Uttar Pradesh has become a…
New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations
Security researchers at UC Irvine reveal the ‘Mic-E-Mouse’ attack, showing how high-DPI optical sensors in modern mice can detect desk vibrations and reconstruct user speech with high accuracy. Learn how this side-channel vulnerability affects your privacy. This article has been…
CrowdStrike Alerts on Oracle E-Business Suite 0-Day Under Mass Exploitation
A novel zero-day vulnerability in Oracle E-Business Suite (CVE-2025-61882) is being actively exploited in a large-scale data exfiltration campaign, with CrowdStrike Intelligence attributing primary involvement to the GRACEFUL SPIDER threat group and warning that public proof-of-concept details will spur further…
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. “An…
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered by machine learning and large language models. This…
Supreme Court Rejects Google Bid To Halt App Store Changes
US Supreme Court rejects emergency request by Google to halt court-ordered changes to app store rules designed to increase competition This article has been indexed from Silicon UK Read the original article: Supreme Court Rejects Google Bid To Halt App…
Hackers Exploit Legitimate Commands to Breach Databases
In recent years, adversaries have abandoned traditional malware in favor of “living-off-the-land” operations against cloud and SaaS environments. Rather than deploying custom ransomware binaries, many threat actors now exploit misconfigured database services—leveraging only built-in commands to steal, destroy, or encrypt…
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as CVE-2025-37728, affects multiple versions of Kibana and could allow a malicious user…
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the Storm-1175 group to execute the Medusa ransomware. The vulnerability affects GoAnywhere MFT versions up to 7.8.3. It resides in the License Servlet…
Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks
The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released. The post Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…