Author: Joe-W

Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and  – … Read More “From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability  – The Hacker News” »

Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle’s E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG) and Mandiant said in a new report released Thursday. “We’re still assessing the scope of this incident, but we believe it affected dozens of organizations,” … Read More “CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw  – The Hacker News” »

SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A brute-force attack exposed firewall configuration files of every SonicWall customer who used the company’s cloud backup service, the besieged vendor said Wednesday. An investigation aided by Mandiant confirmed the totality of compromise that occurred when unidentified attackers hit a customer-facing system of SonicWall controls. The company previously said less than 5% of its firewall … Read More “SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal  – CyberScoop” »

Zimperium’s zLabs warns of ClayRat, a fast-spreading Android spyware targeting Russia. It hides in fake apps like TikTok and steals texts, calls records, and camera photos.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. “The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, … Read More “From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware  – The Hacker News” »

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. “Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos … Read More “New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps  – The Hacker News” »

A top Senate Democrat introduced legislation Thursday to extend and rename an expired information-sharing law, and make it retroactive to cover the lapse that began Oct. 1. Michigan Sen. Gary Peters, the ranking member of the Homeland Security and Governmental Affairs Committee, introduced the Protecting America from Cyber Threats (PACT) Act, to replace the expired … Read More “Sen. Peters tries another approach to extend expired cyber threat information-sharing law  – CyberScoop” »

Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal massive amounts of data from victims as early as Aug. 9, Google Threat Intelligence Group and Mandiant said in a report Thursday.  “We’re still assessing the scope of this incident, … Read More “Dozens of Oracle customers impacted by Clop data theft for extortion campaign  – CyberScoop” »

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface. This edition of ThreatsDay Bulletin explores these converging risks and the safeguards that help  – Read … Read More “ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More  – The Hacker News” »

Palo Alto, California, 9th October 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Forcepoint X-Labs reports a surge in sophisticated email attacks using obfuscated JavaScript and steganography to deliver dangerous RATs and info-stealers like Formbook and Agent Tesla. Learn how to defend against the threat.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. “The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks,” the company said. It also noted that it’s … Read More “Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks  – The Hacker News” »

FortiGuard Labs reveals Chaos-C++, a new Chaos ransomware variant that deletes files over 1.3 GB instead of encrypting them and uses clipboard hijacking to steal cryptocurrency.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Newark, United States, 9th October 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations. However, the security of these applications depends on small … Read More “SaaS Breaches Start with Tokens – What Security Teams Must Watch  – The Hacker News” »

Hackers are using fake Microsoft Teams installers found in search results and ads to deploy the Oyster backdoor. Learn how to protect your PC from this remote-access threat.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Communications and Information Protection (SSSCIP) said. “Hackers now employ it not only to generate phishing messages, but some of the malware samples we have … Read More “From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine  – The Hacker News” »

Business email compromise, commonly known as “BEC” has become a major issue inthe corporate world. Globally, this condition has been a challenge for the legalauthorities as to exactly who is liable for the damages caused by BEC. South Africancompanies are suffering under the weight of BEC crimes as the courts grapple with themultitude of cases … Read More “Who is Ultimately Responsible for Business Email Compromise?  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites. The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the  … Read More “Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme  – The Hacker News” »

Your computer’s mouse might not be as innocent as it looks – and one ransomware crew has a crisis of conscience that nobody saw coming. We talk about how something as ordinary as a web page could turn your mouse into a surprisingly nosey neighbour, and why ransomware gangs need to think carefully about their … Read More “Smashing Security podcast #438: When your mouse turns snitch, and hackers grow a conscience  – Graham Cluley” »

Voting rights groups are asking a court to block an ongoing Trump administration effort to merge disparate federal and state voter data into a massive citizenship and voter fraud database. Last week, the League of Women Voters, the Electronic Privacy Information Center (EPIC) and five individuals sued the federal government in D.C. District Court, saying … Read More “Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul  – CyberScoop” »

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. “Site visitors get injected content that was drive-by malware like fake Cloudflare verification,” Sucuri researcher Puja Srivastava said in an analysis published last week. The website security company  – … Read More “Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks  – The Hacker News” »

Met Police arrested two teenagers over the Kido nursery ransomware attack, which exposed data for 8,000 children. Full details on the hack and police investigation.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique called log poisoning (aka … Read More “Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave  – The Hacker News” »

Encryption lives on in Europe. For now. The German government has said it will oppose a piece of European Union legislation later this month that would subject phones and other devices to mass scanning — prior to encryption — by the government for evidence of child sexual abuse material.   Federal Minister of Justice Stefanie Hubig … Read More “German government says it will oppose EU mass-scanning proposal  – CyberScoop” »

In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. While fuzzing RFA files, he found the following crash (CVE-2025-5037 / ZDI-CAN-26922, addressed by Autodesk in July 2025): Is this an exploitable crash? From the debugger output crash point as seen above, unclear whether anything is controllable. At around … Read More “Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing  – Zero Day Initiative – Blog” »

Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an attempt on the part of the financially motivated threat actors to conduct more effective ransomware attacks, ReliaQuest said in a report shared with The Hacker … Read More “LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem  – The Hacker News” »

OpenAI’s new report warns hackers are combining multiple AI tools for cyberattacks, scams, and influence ops linked to China, Russia, and North Korea.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Tel Aviv, Israel, 8th October 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score: 7.5), is a command injection bug stemming from the unsanitized use of user input, opening the door to a scenario where an … Read More “Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now  – The Hacker News” »

Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credential leak. This Halloween, The Hacker News and Specops … Read More “Step Into the Password Graveyard… If You Dare (and Join the Live Session)  – The Hacker News” »

Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto