-
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based data exfiltration. The kit targets explicitly…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages published across at least eleven user accounts over almost two years. These packages have survived undetected, representing more than one percent of the entire npm registry […] The post Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group con…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Washington Post has publicly disclosed a significant data breach involving external hacking of its Oracle E-Suite system, impacting over 9,700 employees and contractors worldwide. The breach notification, filed with Maine’s Attorney General, reveals the incident occurred on July 10, 2025, but remained undiscovered until October 27, 2025, nearly three-and-a-half months later. Maine official regulatory […] The post Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched by CloudLinux, allows attackers to execute arbitrary commands and potentially take complete control of hosting servers. Patchstack researchers discovered a flaw in Imunify360 AV’s deobfuscation logic used […] The post Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A deceptive Chrome extension named Safery: Ethereum Wallet has emerged as a serious threat to cryptocurrency users. Published on the Chrome Web Store on November 12, 2024, this extension masquerades as a secure Ethereum wallet while secretly stealing user seed phrases. The malware’s sophisticated design allows attackers to gain complete control over victims’ cryptocurrency wallets […] The post Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach, which occurred on July 10, 2025, went undetecte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied to CVE-2025-61882, marks another high-profile victim in Cl0P’s relentless assault on organizations using Oracle’s enterprise software. Cl0P, known for high-impact extortion schemes, announced the breach on their dark […] The post Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately to prevent potential server compromises. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a potent tool for cybercriminals. The findings reveal that apps preinstalled on t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
