Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. […]
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability
The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability appeared first on SecurityWeek.
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased “operations tempo” from the threat actor.
The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days following
The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days following
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon.
The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access.
Salt Typhoon, also known as Earth Estries, FamousSparrow,
The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access.
Salt Typhoon, also known as Earth Estries, FamousSparrow,
DNS0.EU private DNS service shuts down over sustainability issues
The DNS0.EU non-profit public DNS service focused on European users announced its immediate shut down due to time and resource constraints. […]
Microsoft: October updates break USB input in Windows Recovery
Microsoft has confirmed that this month’s security updates disable USB mice and keyboards in the Windows Recovery Environment (WinRE), making it unusable. […]
Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks.
The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a
The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a
South Korea Seeks to Arrest Dozens of Online Scam Suspects Repatriated From Cambodia
South Korea faces public calls to take stronger action to protect its nationals from being forced into overseas online scam centers.
The post South Korea Seeks to Arrest Dozens of Online Scam Suspects Repatriated From Cambodia appeared first on SecurityWeek.
Retail giant Muji halts online sales after ransomware attack on supplier
Japanese retail company Muji has taken offline its store due to a logistics outage caused by a ransomware attack at its delivery partner, Askul. […]
Over 75,000 WatchGuard security devices vulnerable to critical RCE
Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vulnerable to a critical issue (CVE-2025-9242) that could allow a remote attacker to execute code without authentication. […]