409/68 Friday, October 17, 2025 SAP has issued a security update addressing 13 newly discovered vulnerabilities, including one critical flaw with the highest severity rating (CVSS 10.0), tracked as CVE-2025-42944 in SAP NetWeaver. The issue, categorized as Insecure Deserialization, allows attackers to execute malicious commands. This vulnerability can be exploited remotely without authentication via the […]
408/68 Friday, October 17, 2025 Users of popular password managers LastPass and Bitwarden are being targeted in a new phishing campaign, where attackers send fake security alert emails claiming that the companies have been hacked. The emails urge recipients to immediately download a supposedly “more secure desktop version” of the software to protect their data. […]
407/68 Thursday, October 16, 2025 The U.S. Department of Justice (DOJ) announced the seizure of more than $15 billion worth of cryptocurrency (approximately 560 billion THB) from the leaders of the cybercrime network known as Prince Group, which orchestrated a massive crypto investment scam, also referred to as “Pig Butchering.” Victims were tricked into transferring […]
406/68 Thursday, October 16, 2025 Harvard University has confirmed that it was targeted in a cyberattack exploiting a vulnerability in Oracle E-Business Suite (EBS), after the Cl0p ransomware group published over 1.3 terabytes of data on its leak site on the Tor network. The university stated that the incident only affected a “small administrative unit” […]
405/68 Thursday, October 16, 2025 FortiGuard Labs, a cybersecurity research company, has disclosed a new wave of attacks spreading an information-stealing malware known as “Stealit.” Threat actors are disguising Stealit inside fake game and VPN installers, which they then upload to popular file-sharing platforms such as Mediafire and Discord to lure unsuspecting users into downloading […]
404/68 Wednesday, October 15, 2025 Unity Technologies, the developer of the Unity game engine-a widely used tool for building 3D games and applications-has confirmed that the website for SpeedTree, its graphics software and plugin marketplace, was compromised with malicious code on its payment page, resulting in the theft of customer data. The incident was detected […]
403/68 Wednesday, October 15, 2025 Researchers from the threat monitoring platform GreyNoise have detected a massive campaign leveraging over 100,000 botnet IP addresses worldwide to attack Remote Desktop Protocol (RDP) services in the United States. The campaign, which began on October 8, 2025, originates from multiple countries, including Brazil, Argentina, Iran, China, Mexico, Russia, South […]
402/68 Wednesday, October 15, 2025 On October 14, 2025, Microsoft officially ended support (End of Support – EOS) for the Windows 10 operating system. This means that the company will no longer provide software updates, technical support, or free security patches. As a result, hundreds of millions of computers worldwide that still rely on Windows […]
401/68 Tuesday, October 14, 2025 Cybersecurity authorities have issued a warning about a new scam in the United States after detecting a Smishing campaign (phishing via SMS) targeting New Yorkers. Threat actors are sending fraudulent text messages impersonating the New York State Department of Taxation and Finance, claiming to be part of an “Inflation Refund […]
400/68 Tuesday, October 14, 2025 Oracle has issued a security advisory regarding a newly discovered vulnerability affecting Oracle E-Business Suite (EBS) that could allow attackers to access sensitive information without authentication. Tracked as CVE-2025-61884, the flaw carries a CVSS score of 7.5 (High Severity) and impacts versions 12.2.3 through 12.2.14. According to the National Vulnerability […]
