About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium warns that about 200,000... Read more »

SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximum severity issue, tracked... Read more »

China-linked cyberespionage group Flax Typhoon hijacked an ArcGIS system for over a year and used it as a backdoor. China-linked APT group Flax Typhoon (aka Ethereal Panda or RedJuliett)... Read more »

Researchers found nearly half of geostationary satellites leak unencrypted data, exposing consumer, corporate, and military communications. A group of researchers from UC San Diego and the University of Maryland... Read more »

A botnet of 100K+ IPs from multiple countries is attacking U.S. RDP services in a campaign active since October 8. GreyNoise researchers uncovered a large-scale botnet that is targeting... Read more »

Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle... Read more »

The UK’s NCSC handled 429 cyberattacks from Sept 2024–Aug 2025, including 204 nationally significant cases, over double the previous year’s total. The UK’s National Cyber Security Centre (NCSC) reported... Read more »

SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial,... Read more »

Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as... Read more »