Your blog category
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka… Read More »13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider… Read More »Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes… Read More »New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and… Read More »Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM… Read More »5 Critical Questions For Adopting an AI Security Solution
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through… Read More »⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the… Read More »Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft… Read More »Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data,… Read More »CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief
Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500%… Read More »Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day