Internet Security

U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

November 22, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a an Oracle... Read more »

CrowdStrike denies breach after insider sent internal screenshots to hackers

November 21, 2025 add comment
CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider shared internal... Read more »

SolarWinds addressed three critical flaws in Serv-U

November 21, 2025 add comment
SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U file transfer solution that... Read more »

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack

November 21, 2025 add comment
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national... Read more »

Salesforce alerts users to potential data exposure via Gainsight OAuth apps

November 21, 2025 add comment
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting... Read more »

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

November 20, 2025 add comment
Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a... Read more »

Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal

November 20, 2025 add comment
The Android trojan Sturnus targets communications from secure messaging apps like WhatsApp, Telegram and Signal. Sturnus is a new Android banking trojan with full device-takeover abilities. It bypasses encrypted... Read more »

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

November 20, 2025 add comment
US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers... Read more »

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

November 20, 2025 add comment
Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System... Read more »

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

November 19, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 flaw,... Read more »
Subscribe to our Newsletter