Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The […]
Hackers Exploit Legitimate Commands to Breach Databases
In recent years, adversaries have abandoned traditional malware in favor of “living-off-the-land” operations against cloud and SaaS environments. Rather than deploying custom ransomware binaries, many […]
OpenSSH ProxyCommand Flaw Allows Remote Code Execution – PoC Released
Security researchers have uncovered a critical flaw in OpenSSH’s ProxyCommand feature that can be leveraged to achieve remote code execution on client systems. Tracked as […]
CISA Issues Alert on Active Exploitation of Microsoft Windows Privilege Escalation Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft Windows. Known as CVE-2021-43226, this […]
Mustang Panda Adopts New DLL Side-Loading Method to Deploy Malware
The sophisticated China-linked threat actor Mustang Panda has refined its cyber espionage arsenal with an advanced DLL side-loading technique specifically targeting the Tibetan community, according to recent […]
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day
The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign […]
GoAnywhere 0-Day RCE Actively Exploited to Deliver Medusa Ransomware
A critical zero-day vulnerability in GoAnywhere MFT’s License Servlet is being actively exploited to deploy Medusa ransomware. On September 18, 2025, Fortra released an advisory […]
Hackers Launch Leak Portal to Publish Data Stolen from Salesforce Instances
The hacker collective styling itself “Scattered Lapsus$ Hunters”—an alliance echoing elements of ShinyHunters, Scattered Spider, and Lapsus$—has launched an extortionware portal to pressure victims into […]
Is the CISO chair becoming a revolving door?
CISO tenures average just 18 to 26 months, compared with nearly five years for the broader C-suite, according to CISO Workforce and Headcount 2023 Report […]
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor […]