Month: October 2025

Cyber Security Starts Here

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could result in command injection without authentication. It was addressed in version 7.8.4,…
Read more

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations,…
Read more

5 Critical Questions For Adopting an AI Security Solution

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM (AI Security Posture Management) solutions have gained traction to secure AI pipelines, sensitive data assets, and the overall AI ecosystem. These solutions help

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
Read more

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to…
Read more

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data.  The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection attack plays out in the form of a malicious link that, when clicked,…
Read more

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highest level recorded in the last three months. It described…
Read more

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has…
Read more

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. “Rhadamanthys was initially promoted through posts on cybercrime forums, but soon it…
Read more