Active exploitation of vulnerability affecting Oracle E-Business Suite – NCSC News
The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-61882) affecting Oracle E-Business Suite. – Read More
Cyber
CISOs rethink the security organization for the AI era – CSO Online
The ever-changing cybersecurity landscape has long kept CISOs on their toes and now AI is bringing new challenges in how security teams operate and innovate. In some cases, the technology…
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files – The Hacker News
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the…
10 essenzielle Maßnahmen für physische Sicherheit – CSO Online
Wenn physische Security nur immer so simpel umzusetzen wäre… Foto: Leremy | shutterstock.com Obwohl CISOs im Allgemeinen eher selten mit dem gesamten Spektrum der Gesundheits- und Arbeitssicherheitsbelange betraut sind, spielen…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks – The Hacker News
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft…
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief – The Hacker News
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data,…
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day – The Hacker News
Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500%…
Extortion gang opens data leak site to squeeze victims of its Salesforce attacks – CSO Online
The Scattered Lapsus$ Hunters gang, which says it has stolen data from the Salesforce instances of dozens of international companies in recent months, upped its extortion game today by listing…
Newly-discovered threat group hijacking IIS servers for SEO fraud, warns Cisco Talos – CSO Online
A Chinese-speaking cybercrime group is aggressively targeting vulnerable Internet Information Server (IIS) web servers for use in search engine optimization (SEO) fraud, as well as for the theft of high-value…
Scattered Lapsus$ Hunters Returns With Salesforce Leak Site – Dark Reading
After claiming it would shut down, the cybercriminal collective reemerged and threatened to publish the stolen data of Salesforce customers by Oct. 10 if its demands are not met. –…
Dutch Authorities Arrest Two Teens for Alleged Pro-Russian Espionage – Dark Reading
Dutch Prime Minister Dick Schoof described the incident as part of a broader pattern of Russian hybrid attacks against Europe. – Read More
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer – The Hacker News
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat…
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads – The Hacker News
The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated…
Jaguar Land Rover Shows Cyberattacks Mean (Bad) Business – Dark Reading
The company likely failed to completely clean out attackers from a previous breach and now is a case study for the high cost of ransomware. – Read More
BCI: The Thing of Nightmare or Dreams? – Dark Reading
Brain computer interface technology looks to provide users with hands-free device control, but could security ever keep up with the risks? – Read More