Geek-Guy.com

Category: Exploits

Explore the latest software exploits, zero-day vulnerabilities, and security PoCs. Geek-Guy provides expert analysis on emerging threats and how to stay protected.

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…

Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord

Stealit malware abuses Node.js SEA and Electron to spread via fake game and VPN installers shared on Mediafire and Discord. Fortinet FortiGuard Labs researchers spotted Stealit malware campaign abusing Node.js Single Executable Application (SEA) and sometimes Electron to spread via fake game and VPN installers on Mediafire and Discord. Fortinet uncovered the campaign while investigating…

Clop Ransomware group claims the hack of Harvard University

The notorious Clop Ransomware group claims the hack of Harvard University and added the prestigious institute to its Tor data leak site. The Clop Ransomware group announced the hack of the prestigious Harvard University. The cybercrime group created a page for the university on its Tor data leak site and announced it will leak the…

Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Ransomware and Cyber Extortion in Q3 2025; Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability; XWorm V6: Exploring Pivotal Plugins; ClayRat: A New Android Spyware Targeting Russia; Security Evaluation of Android apps…

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack

Threat actors are exploiting a zero-day, tracked as CVE-2025-11371, in Gladinet CentreStack and Triofox products. Threat actors are exploiting the Local File Inclusion (LFI) flaw CVE-2025-11371, a zero-day in Gladinet CentreStack and Triofox. A local user can exploit the issue to access system files without authentication. Gladinet CentreStack and Triofox are enterprise file-sharing and cloud…

Attackers exploit valid logins in SonicWall SSL VPN compromise

Huntress warns of widespread SonicWall SSL VPN breaches, with attackers using valid credentials to access multiple accounts rapidly. Cybersecurity firm Huntress warned of a widespread compromise of SonicWall SSL VPNs, with threat actors using valid credentials to access multiple customer accounts rapidly. “As of October 10, Huntress has observed widespread compromise of SonicWall SSLVPN devices…

Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty program to double or quadruple rewards in various attack categories. The payout for an iOS zero-click system-level remote code execution (RCE) exploit responsibly disclosed to…

SonicWall data breach affects all cloud backup customers

On Sept. 17, security vendor SonicWall announced that cybercriminals had stolen backup files configured for cloud backup. At the time, the company claimed the incident was limited to “less than five percent” of its customers. Now, the firewall provider has admitted that “all customers” using the MySonicWall cloud backup feature were affected. Consequences of the attack…

Juniper patched nine critical flaws in Junos Space

Juniper fixed nearly 220 flaws in Junos OS, Junos Space, and Security Director, including nine critical bugs in Junos Space. Juniper Networks released patches to address nearly 220 vulnerabilities in Junos OS, Junos Space, and Security Director, including nine critical flaws in Junos Space. One of these flaws, tracked as CVE-2025-59978 (CVSS score of 9.0),…

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Grafana flaw, tracked as CVE-2021-43798 (CVSS score 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. Grafana is an open-source platform for monitoring and observability. This flaw is a directory traversal vulnerability affecting versions…

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, CCTV systems, and servers, active globally since June. Trend Micro researchers reported that the RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, NVRs, CCTV systems, and web servers, active globally since June. Experts noted that the latest…

The CIA triad is dead — stop using a Cold War relic to fight 21st century threats

For decades, the information security industry has been stuck in a time warp. We face threats shaped by the advancement of cloud infrastructure, autonomous AI, and fragile global supply chains, yet our intellectual foundation remains the CIA triad: confidentiality, integrity, and availability. This “forest of overlapping and conflicting frameworks” is masochistically anchored to a model…

SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal

A brute-force attack exposed firewall configuration files of every SonicWall customer who used the company’s cloud backup service, the besieged vendor said Wednesday. An investigation aided by Mandiant confirmed the totality of compromise that occurred when unidentified attackers hit a customer-facing system of SonicWall controls. The company previously said less than 5% of its firewall…

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…

Dozens of Oracle customers impacted by Clop data theft for extortion campaign

Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday. “We’re still assessing the scope of this incident,…

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any…

ClayRat spyware turns phones into distribution hubs via SMS and Telegram

A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…

Homeland Security’s reassignment of CISA staff leaves US networks exposed

The US Department of Homeland Security has started reassigning cybersecurity personnel to non-cyber duties tied to deportation and border enforcement priorities. Hundreds of workers within the Cybersecurity and Infrastructure Security Agency (CISA), who were engaged in issuing alerts about threats against US agencies and critical infrastructure, have been shuffled and reassigned to agencies such as…

The ultimate business resiliency test: Inside Kantsu’s ransomware response

A year ago, midsize Japanese logistics company Kantsu suffered significant damage from a cyberattack in which ransomware locked its servers and cut off communications, bringing the company’s shipping operations to a halt. We spoke with Kantsu President Hisahiro Tatsujo, the company’s chief executive, about the company’s experience responding to the cyberattack from both a cybersecurity…

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DragonForce, LockBit, and Qilin formed a ransomware alliance to boost attack effectiveness, marking a major shift in the cyber threat landscape. Ransomware groups DragonForce, LockBit, and Qilin formed a strategic alliance to enhance their attack capabilities, signaling an evolving cyber threat landscape. The alliance aims at sharing tools and infrastructure to enhance attack effectiveness. The…

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

Redis warns of CVE-2025-49844, a Lua script flaw enabling RCE via use-after-free. Attackers need authenticated access to exploit it. Redis disclosed a critical RCE bug, tracked as CVE-2025-49844 (also known as “RediShell”, with a CVSS score of 10.0), where a malicious Lua script can exploit the garbage collector to trigger a use-after-free vulnerability and enable…

ShinyHunters Wage Broad Corporate Extortion Spree

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord…

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Synacor Zimbra Collaboration Suite (ZCS) flaw, tracked as CVE-2025-27915, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-27915 is a stored XSS flaw in Zimbra Collaboration Suite (versions 9.0–10.1)…

Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175

Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the…

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

Storm-1175 exploits GoAnywhere MFT flaw CVE-2025-10035 in Medusa attacks, allowing easy remote code execution via License Servlet bug. A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability (CVE-2025-10035) in Medusa ransomware attacks for nearly a month. The vulnerability CVE-2025-10035 is a deserialization issue in the License Servlet of…

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks that began Aug 9, 2025

CrowdStrike links Oracle EBS flaw CVE-2025-61882 (CVSS 9.8) to Cl0p, enabling unauthenticated RCE, first exploited on August 9, 2025. CrowdStrike researchers attributed with moderate confidence the exploitation of Oracle E-Business Suite flaw CVE-2025-61882 (CVSS 9.8) to the Cl0p group, also known as Graceful Spider. The critical bug allows unauthenticated remote code execution, with the first…

Oracle zero-day defect amplifies panic over Clop’s data theft attack spree

Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory…

Your favourite phone apps might be leaking your company’s secrets

Most of the apps on your phone are talking to a server somewhere – sending and receiving data through messages sent through APIs, the underlying infrastructure that allows apps to communicate. And here’s the problem – hackers have determined that the APIs of mobile apps, when left visible and exploitable, can be a goldmine. Read…

Human Error and Accidental Data Breaches: Lessons from Recent Cases

According to Verizon’s 2025 DBIR (Data Breach Investigations Report), some 60% of data breaches now involve “the human element” – in other words, errors and non-malicious activity. Failing to use the bcc function when emailing groups of people, accidentally emailing spreadsheets full of unencrypted personal data to entire mailing lists without checking, mistakenly misconfiguring an…

Guarding your family against the latest online threats

Parents across America face a growing wave of sophisticated online fraud designed to exploit their deepest fears and protective instincts. Americans reported losing more than $12.5 billion to fraud in 2024, representing a 25% increase over the prior year, according to new Federal Trade Commission data. Parents represent a particularly vulnerable target because scammers understand…

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face…

Supporting Rowhammer research to protect the DRAM ecosystem

Posted by Daniel Moghimi. Rowhammer is a complex class of vulnerabilities across the industry. It is a hardware vulnerability in DRAM where repeatedly accessing a row of memory can cause bit flips in adjacent rows, leading to data corruption. This can be exploited by attackers to gain unauthorized access to data, escalate privileges, or cause…

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is…

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017. ESET researchers discovered a new ransomware called HybridPetya on the VirusTotal platform. The malware echoes the infamous Petya/NotPetya malware, supporting additional capabilities, such as compromising UEFI-based systems and exploiting CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. “Interestingly, the…

VMScape Spectre BTI attack breaks VM isolation on AMD and Intel CPUs

Researchers have demonstrated a Spectre-like CPU branch target injection attack that allows malicious virtual machine users to leak sensitive information from host hypervisors such as KVM/QEMU on Linux. The new attack, dubbed VMScape, exploits the speculative execution feature of AMD and Intel CPUs to break the guest-host isolation layer in virtualized environments, including cloud infrastructure…