Cybersecurity experts have identified a new Android malware dubbed BankBot YNRK, which can take control of smartphones and quickly drain bank accounts. This threat is part of a growing trend of financial trojans targeting users in Asia and Europe. The malware can mute notifications, take screenshots, read device content, and …
Read More »
The French Football Federation (FFF) has reported a major cybersecurity breach that led to the theft of personal data from members and licensees. The federation announced that hackers had breached the centralized software used by football clubs to handle memberships and daily tasks. The breach happened not because of software …
Read More »
Hacker specially target on the 2025 holiday season and that has seen a surge in cyber threats, as attackers utilize advanced infrastructure to take advantage of increased online shopping. This year, criminals are using automated tools to expand their deceptive digital operations across various merchant categories. These campaigns mainly use …
Read More »
OpenAI has revealed a data breach involving Mixpanel, a third-party analytics provider that was used to monitor API platform usage. The breach exposed limited but sensitive user information, including names, email addresses, operating system details, and browser metadata. OpenAI stated that the incident came from Mixpanel’s infrastructure and did not involve …
Read More »
Crisis24 reported that its OnSolve CodeRED platform experienced a cyberattack, affecting emergency notification systems for governments and emergency services nationwide. The CodeRED platform enables these agencies to send alerts to residents during emergencies. The cyberattack forced Crisis24 to decommission the legacy CodeRED environment, causing widespread disruption for organizations that use …
Read More »
Salesforce said on Wednesday that it’s investigating a breach of “certain customers’ Salesforce data” that was compromised through apps published by Gainsight, a company that sells a platform for other companies to manage their customers. In a notice published late Wednesday, Salesforce said the hacks involve “Gainsight-published applications connected to …
Read More »
Researchers gathered 3.5 billion WhatsApp phone numbers and personal information by abusing a contact-discovery API without proper rate limiting. This study shows a common tactic used by threat actors to collect user information from unprotected public APIs, even though the researchers haven’t shared the data. Abusing WhatsApp API: The researchers …
Read More »
CISA warns government agencies to patch Oracle Identity Manager (CVE-2025-61757) due to potential zero-day exploitation. CVE-2025-61757 is a pre-authentication remote code execution vulnerability in Oracle Identity Manager, found by Searchlight Cyber analysts Adam Kues and Shubham Shahflaw. The flaw stems from an authentication bypass in Oracle Identity Manager’s REST APIs, …
Read More »
The Clop ransomware group published a list that listed 39 new victims on its data leak site in the last 24 hours. This increase in listings suggests a major automated campaign. The Clop ransomware gang has claimed breach of Oracle’s internal systems. This is part of a large extortion campaign …
Read More »
The Clop ransomware gang claims to have breached Oracle’s internal systems and has listed the company on its dark web leak site. This is part of a large extortion campaign that takes advantage of a serious zero-day vulnerability in Oracle E-Business Suite (EBS), dubbed CVE-2025-61882. Security experts report that Clop …
Read More »
InfoSecBulletin Cybersecurity for mankind