Artificial intelligence is reshaping cybersecurity on both sides of the battlefield. Cybercriminals are using AI-powered tools to accelerate and automate attacks at a scale defenders have never faced before. Security teams are overwhelmed by an explosion of vulnerability data, tool outputs, and alerts, all while operating with finite human resources. The irony is that while AI has become a
Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching
Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks.
The post Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching appeared first on SecurityWeek.
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development.
This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator also used several ChatGPT accounts to
This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The operator also used several ChatGPT accounts to
Salesforce refuses to pay ransom over widespread data theft attacks
Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company’s customers this year. […]
Docker makes Hardened Images Catalog affordable for small businesses
The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. […]
Google won’t fix new ASCII smuggling attack in Gemini
Google has decided not to fix a new ASCII smuggling attack in Gemini that could be used to trick the AI assistant into providing users with fake information, alter the model’s behavior, and silently poison its data. […]
DraftKings warns of account breaches in credential stuffing attacks
Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of credential stuffing attacks. […]
Clop exploited Oracle zero-day for data theft since early August
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. […]
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers
A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot.
“The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs
“The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs
North Korean hackers stole over $2 billion in crypto this year
North Korean hackers have stolen an estimated $2 billion worth of cryptocurrency assets in 2025, marking the largest annual total on record. […]