A serious security flaw has been found in Redis, a popular in-memory database used by many companies around the world. The bug is 13 years old and has been given a CVSS score of 10.0, which is the highest possible severity rating. This means the flaw is extremely dangerous and should be fixed immediately. The … Continued
A newly discovered zero-day flaw in Zimbra Collaboration has been used in real cyberattacks against military organizations in Brazil. Hackers exploited this vulnerability by sending specially crafted calendar files, known as ICS files, which contained malicious code designed to compromise systems. The attack was especially dangerous because it targeted a zero-day vulnerability one that was … Continued
Oracle has quickly released an emergency security patch after the Cl0p ransomware group reportedly exploited a serious zero-day vulnerability, tracked as CVE-2025-61882. The company confirmed that some customers using Oracle E-Business Suite received extortion emails claiming their data had been stolen through this flaw. The vulnerability affects the Concurrent Processing component of Oracle E-Business Suite … Continued
Red Hat, the IBM-owned open-source software leader, confirmed on Thursday that one of its GitLab instances was compromised after a threat actor publicly claimed to have stolen sensitive data belonging to both the company and its customers. According to Red Hat, the breach was identified after unusual activity was detected on the GitLab server. The … Continued
In a troubling escalation of corporate cyber threats, Oracle has confirmed that customers of its E-Business Suite are receiving extortion emails from hackers claiming to have exfiltrated sensitive data. The vendor’s disclosure follows earlier warnings from Google’s cybersecurity teams, which described the campaign as “high-volume” and emphasized the urgent risk to enterprises across sectors. What … Continued
Cybersecurity researchers have uncovered two sophisticated Android spyware campaigns, ProSpy and ToSpy, targeting users in the United Arab Emirates (UAE) by masquerading as legitimate messaging applications. These campaigns exploit the popularity of secure messaging tools to secretly collect sensitive data from unsuspecting users. Spyware Campaigns: ProSpy and ToSpy According to ESET researchers, both ProSpy and … Continued
In a recent support bulletin, Microsoft has acknowledged a serious bug introduced with Windows 11 25H2 (also known as the 2025 Update) that disrupts the Media Creation Tool on ARM64 devices. What’s Going Wrong? On affected ARM64 systems, users attempting to launch the Media Creation Tool now see an error message such as: “We’re not … Continued
The New Era of Social Engineering Artificial intelligence has transformed industries from healthcare to entertainment—but it has also armed cybercriminals with new tools. Among the most alarming is AI-driven voice cloning, which allows attackers to replicate human voices with startling accuracy. This technology, once limited to research labs and Hollywood studios, is now widely accessible … Continued
South Korea’s National Intelligence Service (NIS) has raised the nation’s cyber threat level from “attention” to “caution” after a massive fire at a government-run data center in Daejeon disrupted several critical digital services. The blaze, which broke out on September 30, 2025, paralyzed access to government email, national identification verification, real estate transaction systems, school … Continued
The notorious Medusa ransomware group has taken responsibility for a significant data breach at Comcast, one of the largest telecommunications companies in the United States. According to reports, the attackers exfiltrated over 834.4 GB of sensitive corporate data, including internal documents, financial records, and potentially client information. The hackers are demanding a ransom of $1.2 … Continued
