Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations
The U.S. Department of the Treasury, Australia, and the United Kingdom have announced coordinated sanctions against Media Land.
This Russia-based bulletproof hosting company provides infrastructure...
Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS...
Tsundere represents a significant shift in botnet tactics, leveraging the power of legitimate Node.js packages and blockchain technology to distribute malware across multiple operating...
Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums
A threat actor known as Zeroplayer has reportedly listed a zero-day remote code execution (RCE) vulnerability, combined with a sandbox escape, targeting Microsoft Office...
Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations worldwide...
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft's Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images.
With a...
Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant's internal systems.
This...
SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely
SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That allows remote unauthenticated attackers to crash firewalls through denial-of-service...
Critical Grafana Vulnerability Let Attackers Escalate Privilege
Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users.
The flaw, tracked as CVE-2025-41115,...
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
APT24, a sophisticated cyber espionage group linked to China's People's Republic, has launched a relentless three-year campaign delivering BadAudio, a highly obfuscated first-stage downloader...
Salesforce Confirms that Customers’ Data Was Accessed Following the Gainsight Breach
Salesforce has issued a critical security alert identifying "unusual activity" involving Gainsight-published applications connected to customer environments.
The CRM giant’s investigation indicates that this activity...
.webp?w=100&resize=100,70&ssl=1 "Top 10 Best Fraud Prevention Companies in 2025")
