-
Oracle Corporation has officially acknowledged that cybercriminals are targeting customers of its E-Business Suite (EBS) platform through sophisticated extortion campaigns. The company’s Chief Security Officer, Rob Duhart, confirmed that hackers have been exploiting previously identified vulnerabilities that were addressed in Oracle’s July 2025 Critical Patch Update (CPU). This latest security incident underscores the persistent threat […] The post Oracle Confirms that Hackers Targeting E-Business Suite Data With Extortion Emails appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Defender for Endpoint users, particularly those with Dell devices, are experiencing a widespread issue with false Basic Input/Output System (BIOS) security alerts due to a critical software bug. The problem, which surfaced on October 2, 2025,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NCC Group detailed a VMware Workstation guest-to-host escape achievable from a compromised VM via a logic flaw in virtual device handling that permits memory corruption and controlled code execution on the host process. The write-up shows a practical e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Obex, a newly released proof-of-concept utility by security researcher dis0rder0x00, demonstrates a simple but effective user-mode method to stop unwanted security and monitoring modules from loading into Windows processes. The tool launches a target p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025. These vulnerabilities range from argument injection and command injection to a security bypass that can …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers and potentially execute malicious code. The update, rolling out across Windows, Mac, and Linux platforms, patches several high-severity vulnerabilities that pose significant risks to user security. The most severe vulnerability addressed is CVE-2025-11205, a heap […] The post Chrome Security Update – Patch for 21 Vulnerabilities that Allows Attackers to Crash Browser appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the official Termix Docker image puts users at risk of exposing sensitive SSH credentials. The flaw allows anyone with network access to retrieve stored host addresses, usernames, and passwords without logging in. How the Vu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Chrome team has released Chrome 141.0.7390.54/55 to the stable channel for Windows, Mac, and Linux, rolling out over the coming days and weeks. This update delivers critical security fixes, including 21 distinct vulnerabilities that span …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Splunk released security advisories addressing multiple vulnerabilities affecting various versions of Splunk Enterprise and Splunk Cloud Platform. The flaws range from cross-site scripting (XSS) vulnerabilities to access control bypasses, with CVSS sco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ransomware strain, dubbed FunkLocker, is leveraging artificial intelligence to expedite its development, while relying on the abuse of legitimate Windows utilities to disable security defenses and disrupt systems. The ransomware, attributed to a group known as FunkSec, highlights a growing trend of threat actors using AI to piece together malware with varying degrees […] The post AI-Powered FunkLocker Ransomware Leverages Windows utilities to Disable Defenses appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
