Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker withRead More »Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Attorneys share their insights about the legal considerations organizations should be aware of when it comes to AI, third party relationships and BYOD policies.

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection attack plays out in the form of aRead More »CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highest level recorded in theRead More »Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threatRead More »Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. “Rhadamanthys was initially promoted through posts onRead More »Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging app WhatsApp. The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the attack is “engineered for speed and propagation” ratherRead More »Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL