A critical zero-day vulnerability in Oracle E-Business Suite (EBS) was exploited by the Cl0p ransomware group in mid-2025. The flaw, later tracked as CVE-2025-61882, allowed remote code execution without authentication,… The post CVE-2025-61882 Explained: The Oracle Zero-Day Breach That Hit…
Cyber risk a growing priority among insurance and asset management firms
A report by Moody’s shows an emphasis on board-level oversight and spending in order to boost cyber resilience. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Cyber risk a growing priority among insurance…
Risk mitigation budgets swell as enterprise AI adoption grows
Governing AI comes at a cost with most organizations increasing oversight investments in the next financial year, according to OneTrust data. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Risk mitigation budgets swell…
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 29, 2025 to October 5, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🚀 Operation: Maximum Impact Challenge! Now through November 10, 2025, earn 2X bounty rewards for all in-scope submissions in software with at least 5,000 active installs and fewer than 5…
SonicWall Confirms Breach Exposing All Customer Firewall Configuration Backups
SonicWall, together with leading incident response firm Mandiant, has completed a thorough review of a recent cloud backup security incident. The investigation confirmed that an unknown party gained access to all firewall configuration backup files for customers using the MySonicWall…
Microsoft Azure Experiences Global Outage Disrupting Cloud Services Worldwide
Microsoft Azure suffered a significant service interruption that left many customers unable to reach cloud resources. The incident began at roughly 07:40 UTC, when Azure Front Door, the platform’s native content delivery network (CDN), lost about 30 percent of its…
Phantom Taurus: China-Linked Hackers Target Global Governments
China-linked hacker group Phantom Taurus targets global governments with advanced stealth malware. The post Phantom Taurus: China-Linked Hackers Target Global Governments appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Phantom Taurus:…
Ransomware Attack on Motility Software Solutions Exposes Data of 766,000 Customers
Motility Software Solutions, a leading U.S.-based provider of dealer management software (DMS), has confirmed a ransomware attack that compromised the personal data of approximately 766,000 customers. The company, previously known as Systems 2000 (Sys2K), serves over 7,000 dealerships across…
EN, SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
LABScon25 Replay | Auto-Poking The Bear: Analytical Tradecraft In The AI Age
AI agents promise speed, but at what cost to trust? Dreadnode’s Wendiggensen & Palm unpack this dilemma through a hands-on study of leaked Russian data. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and…
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Introduction Beginning Sept. 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant began tracking a new, large-scale extortion campaign by a threat actor claiming affiliation with…
Weaponized AI Assistants & Credential Thieves
Learn the state of AI and the NPM ecosystem with the recent s1ngularity’ weaponized AI for credential theft. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Weaponized AI Assistants & Credential Thieves
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
Trend™ Research and ZDI Threat Hunters have identified a large-scale RondoDox botnet campaign exploiting over 50 vulnerabilities across more than 30 vendors, including flaws first seen in Pwn2Own contests. This article has been indexed from Trend Micro Research, News and…
New Chaos-C++ Ransomware Targets Windows by Wiping Data, Stealing Crypto
FortiGuard Labs reveals Chaos-C++, a new Chaos ransomware variant that deletes files over 1.3 GB instead of encrypting them and uses clipboard hijacking to steal cryptocurrency. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI…
Your Shipment Notification is Now a Malware Dropper
Forcepoint X-Labs reports a surge in sophisticated email attacks using obfuscated JavaScript and steganography to deliver dangerous RATs and info-stealers like Formbook and Agent Tesla. Learn how to defend against the threat. This article has been indexed from Hackread –…
Global Cyber Threats September 2025: Attack Volumes Ease Slightly, but GenAI Risks Intensify as Ransomware Surges 46%
In September 2025, the global cyber threat landscape reflected a temporary stabilization in overall attack volumes — yet beneath the surface, ransomware activity and data risks linked to generative AI (GenAI) surged to new highs. Organizations worldwide faced an average…
Met Police Arrest Teenagers in Kido Nursery Ransomware Attack
Two teens were arrested for a ransomware attack on Kido nurseries that exposed data from 8,000 children. The post Met Police Arrest Teenagers in Kido Nursery Ransomware Attack appeared first on eSecurity Planet. This article has been indexed from eSecurity…
ITDR vs EDR: What are the Key Differences?
Key takeaways: What are the main differences between ITDR, EDR, and other security solutions? How does ITDR provide effective protection against identity-based threats? How to effectively detect and respond to attacks. If there’s one thing the cybersecurity community loves, it’s an…
Microsoft Azure Faces Global Outage Affecting Services Worldwide
Microsoft Azure, one of the world’s leading cloud computing platforms, experienced a significant service outage on Thursday, October 9, 2025, leaving customers across Europe and Africa unable to access their services. The disruption began at approximately 07:40 UTC, with the…
AI Chatbot Leveraged as a Critical Backdoor to Access Sensitive Data and Infrastructure
In recent weeks, a sophisticated malware campaign has emerged that leverages conversational chatbots as covert entry points into enterprise systems. Initially observed in mid-September 2025, the threat actors targeted organizations running customer-facing chat applications built on large language models. By…
SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files
SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that…
New Phishing Kit Automates Generation of ClickFix Attack Bypassing Security Measures
The cybersecurity community has witnessed the rapid emergence of a novel phishing toolkit that automates the creation of “ClickFix” attack pages, enabling threat actors with minimal technical expertise to deploy sophisticated social engineering lures. Dubbed the IUAM ClickFix Generator, this…
Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks
Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware…
California just put people back in control of their data
California just passed 14 new privacy and AI laws. We’re highlighting a few that give users real control over their personal data. This article has been indexed from Malwarebytes Read the original article: California just put people back in control…
SonicWall breach hits every cloud backup customer after 5% claim goes up in smoke
Affects users regardless of when their backups were created SonicWall has admitted that all customers who used its cloud backup service to store firewall configuration files were affected by a cybersecurity incident first disclosed in mid-September, walking back earlier assurances…