Author: nitya

Oracle has quickly released an emergency security patch after the Cl0p ransomware group reportedly exploited a serious zero-day vulnerability, tracked as CVE-2025-61882. The company confirmed that some customers using Oracle E-Business Suite received extortion emails claiming their data had been stolen through this flaw. The vulnerability affects the Concurrent Processing component of Oracle E-Business Suite … Continued

A hacking group linked to Iran, called Nimbus Manticore, has launched a fresh wave of cyberattacks across Europe. Security researchers say this group, also tracked under names like UNC1549 and Smoke Sandstorm, has returned with improved malware and smarter techniques. Earlier it focused more on the Middle East, but this time the spotlight is on … Continued

Russian hackers Gamaredon and Turla have been caught working together in a cyber campaign against Ukraine. This finding comes from cybersecurity company ESET, which uncovered the link after noticing Gamaredon’s tools being used to deliver Turla’s Kazuar backdoor. The activity was observed between February and June 2025, and researchers believe it shows direct collaboration rather … Continued

A surprising announcement has come from the cybercrime world. A group calling itself Scattered Lapsus$ Hunters, along with several other well-known hacker aliases, has declared that they are ending their hacking spree. The group posted messages on Telegram and BreachForums, saying they would “go dark” and stop their offensive operations. In their farewell message, the … Continued

A North Korean hacking group known as Kimsuky has carried out a new cyberattack against South Korea by using artificial intelligence to generate fake military identification cards. Security researchers discovered that the group used these forged IDs in targeted phishing campaigns aimed at organizations linked to South Korea’s defense sector. Researchers from Genians, a South … Continued

Researchers from ETH Zürich and Google have revealed a new RowHammer attack called Phoenix, which is able to defeat the protections built into DDR5 memory modules. The team demonstrated that Phoenix could reliably trigger bit flips and escalate privileges on real DDR5 hardware, completing one exploit in as little as 109 seconds. This finding proves … Continued

A significant security breach has recently affected the npm ecosystem, compromising over 40 packages maintained by various developers. The attack involved the injection of a malicious script named bundle.js into these packages, enabling unauthorized access to sensitive credentials. The compromised packages were updated with a function called NpmModule.updatePackage. This function downloads the package’s tarball, modifies … Continued

A new AI-powered penetration testing tool called Villager has quickly gained attention in the cybersecurity world after being downloaded nearly 11,000 times from PyPI since its release in late July 2025. The tool is linked to a China-based group named Cyberspike, and experts are raising alarms because it could easily be misused by cybercriminals. Villager … Continued