The Clop ransomware gang claims to have breached Oracle’s internal systems and has listed the company on its dark web leak site. This is part of a large extortion campaign that takes advantage of a serious zero-day vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61882. Security experts report that Clop …
Hackers targeting Palo Alto’s GlobalProtect VPN with 2.3 million attacks
Since November 14, 2025, hackers have launched over 2.3 million attacks on Palo Alto Networks’ GlobalProtect VPN portals, as reported by GreyNoise. A 40-fold increase in activity within 24 hours marks the highest level in 90 days, indicating rising risks to global remote access systems. Attacks aim at the /global-protect/login.esp URI …
CISA urges government agencies to patch new FortiWeb flaw within 7 days
CISA has instructed U.S. government agencies to secure their systems within a week due to a vulnerability in Fortinet’s FortiWeb web application firewall that has been exploited in zero-day attacks. CVE-2025-58034 is an OS command injection flaw that lets authenticated attackers execute code with minimal effort and no user interaction. …
CVE-2025-64446
Fortinet Confirms Active Exploitation of FortiWeb Vulnerability
Fortinet warned on Friday about a vulnerability in FortiWeb that lets remote, unauthenticated attackers gain admin access to web application firewalls. The bug, labeled CVE-2025-64446 with a CVSS score of 9.1, is a path traversal vulnerability, allowing attackers to run admin commands through specially crafted HTTP or HTTPS requests. Fortinet noted, …
Palo Alto PAN-OS Firewall Vuln Allows Attackers to Reboot Firewall
Palo Alto Networks has disclosed a critical vulnerability in its PAN-OS firewall software that lets unauthenticated attackers remotely restart firewalls by sending specific packets. CVE-2025-4619 is a critical vulnerability that threatens organizations using Palo Alto firewalls for network security. The flaw, identified as CWE-754 (Improper Check for Unusual or Exceptional Conditions), …
Hacker exploited Cisco ISE and Citrix flaws in zero-day attacks
Amazon’s threat intelligence team discovered an attacker exploiting previously undisclosed zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems. This campaign utilized custom malware and showed access to various hidden vulnerabilities, indicating a trend where attackers target essential identity and network access controls. Amazon’s MadPot honeypot service identified …
QNAP Patched 7 Zero-Days Exploited at Pwn2Own 2025
QNAP has urgently advised users and released patches for seven zero-day vulnerabilities exploited during the Pwn2Own Ireland 2025 competition, affecting their NAS devices. These patches address critical flaws in the core operating systems and key applications, such as backup and malware removal tools. Top security research teams, including Summoning Team, …
“Herodotus” Android Banking Malware Attacks Evading Traditional Antivirus
A new Android banking Trojan called Herodotus has emerged recently. It is offered as Malware-as-a-Service (MaaS) and pretends to be a legitimate app to trick users into installing an APK. After installation, it requests sensitive permissions and can control the device for banking transactions. A modern mobile attack, yet once …
Samsung Galaxy Hijacked via 0-Day Exploit Using Single WhatsApp Image
Security researchers found Android spyware that targeted Samsung Galaxy phones for almost a year. Researchers at Palo Alto Networks’ Unit 42 said the spyware, which they call “Landfall,” was first detected in July 2024 and relied on exploiting a security flaw in the Galaxy phone software that was unknown to …
Cisco Warns of Active Exploitation of ASA and FTD 0-day RCE Vuln
Cisco alerted customers that hackers are exploiting a serious remote code execution flaw in its Secure Firewall ASA and Threat Defense software. First disclosed on September 25, 2025, the vulnerability tracked as CVE-2025-20333 poses a severe risk to organizations relying on these firewalls for VPN access. With a CVSS …
InfoSecBulletin Cybersecurity for mankind