More results...
APT24 used supply chain attacks and varied techniques to deploy the BadAudio malware in a long-running cyberespionage campaign. China-linked group APT24 used supply-chain attacks and multiple techniques over three years to deploy the BadAudio downloader and additional malware payloads, Google Threat Intelligence Group (GTIG) warns. According to the researchers, the group shifted from broad web […]
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a an Oracle Fusion Middleware flaw, tracked as CVE-2025-61757 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a missing authentication for a critical function that […]
CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider shared internal system screenshots with hackers, after Scattered Lapsus$ Hunters leaked them on Telegram. The company stresses that no systems were breached and no customer data was exposed. […]
SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. The first vulnerability, tracked as CVE-2025-40549 (CVSS score 9.1), is a path restriction bypass issue that impacts Serv-U. An attacker with […]
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data breach at IT provider Almaviva. FS Italiane Group is Italy’s state-owned railway company, managing passenger […]
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. “Salesforce has identified unusual activity involving Gainsight-published applications connected […]
Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that could scrape 3.5 billion accounts. Meta has since patched the vulnerability to block this enumeration technique. Users discover contacts by querying WhatsApp servers […]
The Android trojan Sturnus targets communications from secure messaging apps like WhatsApp, Telegram and Signal. Sturnus is a new Android banking trojan with full device-takeover abilities. It bypasses encrypted messaging by capturing on-screen content and can steal banking credentials, remotely control the device, and hide fraudulent actions from the user. ThreatFabric analysis shows Sturnus malware […]
US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. Coordinated sanctions hit Russia-based provider Media Land, its leaders, and sister firms for supplying bulletproof hosting that […]
Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that […]