Lucene search
+L

20914 matches found

thn
thn
added 2025/10/15 5:36 a.m.8 views

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a...

10CVSS7.3AI score0.02882EPSS
Exploits1
thn
thn
added 2025/10/14 4:55 p.m.11 views

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon , which is also tracked as...

6.9AI score
Exploits0
thn
thn
added 2025/10/14 11:55 a.m.3 views

Moving Beyond Awareness: How Threat Hunting Builds Readiness

Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make ...

6.7AI score
Exploits0
thn
thn
added 2025/10/14 11:45 a.m.10 views

RMPocalypse: Single 8-Byte Write Shatters AMD's SEV-SNP Confidential Computing

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. The attack, per ETH Zürich researchers Benedict Schlüter and Shweta...

6.7AI score0.00199EPSS
Exploits0
thn
thn
added 2025/10/14 11:18 a.m.8 views

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication 2FA codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel. The attack has been codenamed...

5.5CVSS6.9AI score0.00122EPSS
Exploits0
thn
thn
added 2025/10/14 11:0 a.m.12 views

What AI Reveals About Web Applications— and Why It Matters

Before an attacker ever sends a payload, they've already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your syste...

7.2AI score
Exploits0
thn
thn
added 2025/10/14 7:9 a.m.5 views

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control C2 channel to transmit stolen data to actor-controlled webhooks. Webhooks on Discord are a way to post messages to channels in the platform...

6.7AI score
Exploits0
thn
thn
added 2025/10/14 5:28 a.m.7 views

Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveragi...

7.2AI score
Exploits0
thn
thn
added 2025/10/13 1:18 p.m.30 views

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week's edition looks at how attackers are changing the game — linki...

10CVSS8.1AI score0.99722EPSS
Exploits60
thn
thn
added 2025/10/13 11:50 a.m.8 views

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility gaps must close now. Get the...

6.8AI score
Exploits0
thn
thn
added 2025/10/13 10:12 a.m.6 views

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit shotgun" approach, has singled out a wide range of internet-exposed infrastructure, including...

8.8CVSS6.9AI score0.99999EPSS
Exploits7
thn
thn
added 2025/10/13 9:54 a.m.9 views

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft said it has revamped the Internet Explorer IE mode in its Edge browser after receiving "credible reports" in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users' devices. "Threat actors were leveraging basic social...

7.6AI score
Exploits0
thn
thn
added 2025/10/13 6:52 a.m.10 views

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns. "Instead of relying solely on traditional command-and-control C2 servers that...

6.4AI score
Exploits0
thn
thn
added 2025/10/13 5:12 a.m.8 views

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. "Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileg...

7.8AI score
Exploits0
thn
thn
added 2025/10/12 5:24 p.m.16 views

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data. The vulnerability, tracked as CVE-2025-61884 , carries a CVSS score of 7.5, indicating high severity. It affects versions from...

9.8CVSS6.9AI score0.99722EPSS
Exploits19
thn
thn
added 2025/10/11 1:30 p.m.11 views

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that...

9.8CVSS6.7AI score0.15593EPSS
Exploits0
thn
thn
added 2025/10/11 1:4 p.m.8 views

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response DFIR tool, in connection with ransomware attacks likely orchestrated by Storm-2603 aka CL-CRI-1040 or Gold Salem, which is known for deploying the Warlock and LockBit ransomware. The threat actor's use ...

5.5CVSS7.3AI score0.00963EPSS
Exploits2
thn
thn
added 2025/10/10 2:25 p.m.3 views

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application SEA feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source...

7.3AI score
Exploits0
thn
thn
added 2025/10/10 1:31 p.m.3 views

Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries

A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain...

6.8AI score
Exploits0
thn
thn
added 2025/10/10 11:42 a.m.7 views

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer MFT that's assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11...

10CVSS7.2AI score0.99614EPSS
Exploits3
thn
thn
added 2025/10/10 11:0 a.m.12 views

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers SOCs detect, respond, and adapt. But not all AI SOC platforms are created equal...

6.8AI score
Exploits0
thn
thn
added 2025/10/10 10:45 a.m.6 views

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign. The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread...

7AI score
Exploits0
thn
thn
added 2025/10/10 9:34 a.m.12 views

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 CVSS score: 6.1, is an unauthenticated local file inclusion bug that allows...

9.8CVSS10AI score0.93842EPSS
Exploits8
thn
thn
added 2025/10/10 6:41 a.m.10 views

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite EBS software since August 9, 2025, Google Threat Intelligence Group GTIG and Mandiant said in a new report released Thursday. "We're still assessing the scope of this...

9.8CVSS8.3AI score0.99722EPSS
Exploits15
thn
thn
added 2025/10/09 5:19 p.m.5 views

From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the message...

6.9AI score
Exploits0
thn
thn
added 2025/10/09 3:30 p.m.6 views

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. "Once active, the spyware can exfiltra...

6.9AI score
Exploits0
thn
thn
added 2025/10/09 1:48 p.m.5 views

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

6.5AI score
Exploits0
thn
thn
added 2025/10/09 12:16 p.m.13 views

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface...

9.8CVSS7.8AI score0.99722EPSS
Exploits15
thn
thn
added 2025/10/09 11:30 a.m.7 views

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service SaaS applications to run their operations. However,...

6AI score
Exploits0
thn
thn
added 2025/10/09 9:10 a.m.9 views

From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Russian hackers' adoption of artificial intelligence AI in cyber attacks against Ukraine has reached a new level in the first half of 2025 H1 2025, the country's State Service for Special Communications and Information Protection SSSCIP said. "Hackers now employ it not only to generate phishing...

9.9CVSS6.3AI score0.94741EPSS
Exploits38
thn
thn
added 2025/10/09 6:57 a.m.14 views

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites. The authentication bypass vulnerability, tracked as...

9.8CVSS7.5AI score0.04469EPSS
Exploits2
thn
thn
added 2025/10/08 4:43 p.m.8 views

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. "Site visitors get injected content that was drive-by malware like fake Cloudflare verification," Sucuri...

6.6AI score
Exploits0
thn
thn
added 2025/10/08 1:56 p.m.6 views

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use...

7.4AI score
Exploits0
thn
thn
added 2025/10/08 12:8 p.m.6 views

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don't need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credentia...

6.7AI score
Exploits0
thn
thn
added 2025/10/08 12:4 p.m.3 views

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an attempt on the part of the financially motivated threat actors to conduct more...

6.7AI score
Exploits0
thn
thn
added 2025/10/08 10:58 a.m.2 views

Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol MCP server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 CVSS score: 7.5, is a command injection bug...

8CVSS8.5AI score0.07417EPSS
Exploits0
thn
thn
added 2025/10/08 8:57 a.m.11 views

No Time to Waste: Embedding AI to Cut Noise and Reduce Risk

Artificial intelligence is reshaping cybersecurity on both sides of the battlefield. Cybercriminals are using AI-powered tools to accelerate and automate attacks at a scale defenders have never faced before. Security teams are overwhelmed by an explosion of vulnerability data, tool outputs, and...

6.8AI score
Exploits0
thn
thn
added 2025/10/08 7:16 a.m.10 views

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence AI tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan RAT, a...

7.3AI score
Exploits0
thn
thn
added 2025/10/07 5:4 p.m.3 views

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. "The attackers pose as recruiters, distributing...

6.8AI score
Exploits0
thn
thn
added 2025/10/07 3:18 p.m.9 views

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google's DeepMind division on Monday announced an artificial intelligence AI-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. The efforts add to the company's ongoing efforts to improve AI-powered vulnerability discovery...

6.9AI score
Exploits0
thn
thn
added 2025/10/07 11:0 a.m.6 views

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

For years, security leaders have treated artificial intelligence as an "emerging" technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far...

6.8AI score
Exploits0
thn
thn
added 2025/10/07 10:36 a.m.6 views

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. "XWorm's modular design is built around a core client and an array of specialized components known as plugins," Trellix...

8.6AI score
Exploits0
thn
thn
added 2025/10/07 8:33 a.m.9 views

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 aka RediShell, has been assigned a CVSS score of 10.0. "An authenticated user may...

9.9CVSS8AI score0.86767EPSS
Exploits14
thn
thn
added 2025/10/07 8:15 a.m.14 views

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 CVSS score: 10.0, a critical deserialization bug that could...

10CVSS8.8AI score0.99614EPSS
Exploits3
thn
thn
added 2025/10/07 5:12 a.m.7 views

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider aka Cl0p, and that the first known exploitation occurred on August 9, 2025. The malicious activity...

9.8CVSS8.8AI score0.99722EPSS
Exploits15
thn
thn
added 2025/10/06 2:0 p.m.11 views

New Report Links Research Firms BIETA and CIII to China's MSS Cyber Operations

A Chinese company named the Beijing Institute of Electronics Technology and Application BIETA has been assessed to be likely led by the Ministry of State Security MSS. The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their...

6.5AI score
Exploits0
thn
thn
added 2025/10/06 11:38 a.m.5 views

5 Critical Questions For Adopting an AI Security Solution

In the era of rapidly advancing artificial intelligence AI and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM AI Security Posture Management solutions have gained traction t...

6.7AI score
Exploits0
thn
thn
added 2025/10/06 11:38 a.m.26 views

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today's security landscape...

9.9CVSS7.5AI score0.99722EPSS
Exploits79
thn
thn
added 2025/10/06 11:37 a.m.10 views

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle has released an emergency update to address a critical security flaw in its E-Business Suite software that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 CVSS score: 9.8, concerns an unspecified bug that could allow an...

9.8CVSS8AI score0.99722EPSS
Exploits15
thn
thn
added 2025/10/06 11:36 a.m.5 views

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization SEO fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Interne...

6.8AI score
Exploits0
Total number of security vulnerabilities20914