Researchers at Google Mandiant and GTIG are monitoring a suspected Cl0p ransomware affiliate conducting a mass extortion campaign against Oracle E-Business Suite customers. The attackers allege they have stolen sensitive corporate data and are demanding ransoms up to $50 million, as reported by the incident response firm Halcyon, which is …
Read More »50K Cisco firewalls vulnerable to actively exploited flaws
50k Cisco ASA and FTD devices on the internet are at risk due to two vulnerabilities being exploited by hackers. Flaws CVE-2025-20333 and CVE-2025-20362 allow remote code execution and access to restricted VPN URLs without authentication. On September 25, Cisco warned that the issues were actively exploited in attacks that …
Read More »
CVE-2025-55177 and CVE-2025-43300
WhatsApp 0-Click Vuln Exploited Using Malicious DNG File
Security researchers found a zero-click vulnerability in WhatsApp that lets remote code execution (RCE) on iOS, macOS, and iPadOS. The attack chain uses two vulnerabilities, CVE-2025-55177 and CVE-2025-43300, to compromise a device without user interaction. Researchers from DarkNavyOrg demonstrated a “zero-click” exploit that targets WhatsApp. This attack involves sending a …
Read More »Akira ransomware to breach SonicWall VPN account’s MFA-protected
Arctic Wolf noted a significant rise in Akira ransomware attacks since late July 2025, focusing on SonicWall SSL VPN accounts. This campaign is still active, with new infrastructure spotted as recently as September 20, 2025. Akira affiliates are exploiting stolen credentials, even in environments where multi-factor authentication (MFA) is enabled. …
Read More »US based Archer Health Exposed 23 GB patient health data
Archer Health, a US provider of in-home and palliative care, left an unsecured database online, exposing sensitive personal and health information to anyone who could find it, experts say. Cybersecurity researcher Jeremiah Fowler alerted WebsitePlanet after discovering the database and assisting in securing it. Fowler discovered an unprotected database with …
Read More »Auto Insurance Platform Exposed Over 5 Million Records
Cybersecurity researcher Jeremiah Fowler discovered a large, unprotected database with sensitive insurance and vehicle information. It contained over 5.1 million files, totaling 10TB, including powers of attorney, vehicle registrations, repair invoices, and images of damaged vehicles showing license plates and VIN numbers. According to Fowler, “The publicly exposed database was …
Read More »Fraudsters swipe Tk 27 lakh from SCB cardholders
An organised racket has reportedly siphoned off lakhs from Standard Chartered Bangladesh’s (SCB) credit card holders, raising serious cybersecurity concerns. According to a Bangladesh Bank source, a total of Tk27 lakh was siphoned from the credit cards of 54 customers of Standard Chartered Bangladesh during the last week of August. …
Read More »Cyber attack disrupts several European airports: check-in and boarding systems affected
Several European airports are experiencing flight delays and cancellations due to a cyber attack on a check-in and boarding systems service provider. The attack has made automated systems unusable, forcing only manual check-in and boarding, says Brussels Airport. Heathrow and Berlin airports reported that the attack disrupted flights, advising passengers …
Read More »Hacker claim to breach Link3; 189,000 Users data up for sale
A threat actor claims to have breached Link3, a major IT solutions and internet service provider based in Bangladesh. The data has been put up for sale on a dark web forum. According to the forum post: Link3 is the largest ISP in the country by active subscribers, offering essential …
Read More »AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
The Villager framework, an AI-powered penetration testing tool, integrates Kali Linux tools with DeepSeek AI to automate cyber attack processes. Developed by the Chinese group Cyberspike, it was released on the Python Package Index in July 2025 and quickly gained over 10,000 downloads in two months. Villager marks a major …
Read More »
InfoSecBulletin Cybersecurity for mankind