Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed

Oracle E-Business Suite flaw CVE-2026-46817 is under active attack, with about 950 vulnerable internet-facing instances still exposed. This week, Defused Cyber researchers warned that a critical vulnerability in Oracle... Read more »

Microsoft Uncovers Widespread Hotel Phishing Campaign in Japan

Microsoft and Trend Micro found hotel phishing attacks using fake guest complaints and photo links to target staff in Japan. The post Microsoft Uncovers Widespread Hotel Phishing Campaign in... Read more »

Aflac Data Breach: Over 4M Customers in Japan May Be at Risk

Aflac says a data breach in Japan may affect 4.38 million customers and agents, exposing personal, policy, and some banking information. The post Aflac Data Breach: Over 4M Customers... Read more »

Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs

81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure CLI... Read more »

CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware... Read more »

RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have... Read more »

GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents

Researchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters. Adversa AI just published a survey, titled “GuardFall: a... Read more »

XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t

Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested... Read more »

Meta Adds WhatsApp Usernames: Here’s What You Need to Know

WhatsApp is rolling out usernames so people can chat without sharing phone numbers. Here’s how reservations, username keys, and rules work. The post Meta Adds WhatsApp Usernames: Here’s What... Read more »

Hackers Steal Data of 4.38 Million Aflac Japan Customers

Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal... Read more »
Subscribe to our Newsletter