Aggregator
New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
How to Repair Outlook PST File without ScanPST.exe?
25秋季班招生!节后直播:系统0day安全-IOT设备漏洞挖掘(第6期)
Windows内核CVE-2019-1215分析与复现
Memory Analysis Package 0.6
Infanteristen begonnen aan missie in Bosnië en Herzegovina
Мини-шпион в вашем кармане: прокуратура начала охоту на Apple за тотальную прослушку через Siri
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the Storm-1175 group to execute the Medusa ransomware. The vulnerability affects GoAnywhere MFT versions up to 7.8.3. It resides in the License Servlet Admin Console, where a threat actor can forge a license response signature and bypass validation […]
The post GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware appeared first on Cyber Security News.
NCSC: Patch Critical Oracle EBS Bug Now
CVE-2025-61882 Oracle E-Business Suite Zero-Day Under Active Exploitation
Oracle has issued an emergency security alert for CVE-2025-61882, a critical vulnerability in Oracle E-Business Suite (EBS) with active exploitation […]
The post CVE-2025-61882 Oracle E-Business Suite Zero-Day Under Active Exploitation appeared first on HawkEye.
Hackers Exploit Legitimate Commands to Breach Databases
In recent years, adversaries have abandoned traditional malware in favor of “living-off-the-land” operations against cloud and SaaS environments. Rather than deploying custom ransomware binaries, many threat actors now exploit misconfigured database services—leveraging only built-in commands to steal, destroy, or encrypt data. Victims often discover their data missing or inaccessible, replaced only by ransom notes stored […]
The post Hackers Exploit Legitimate Commands to Breach Databases appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as CVE-2025-37728, affects multiple versions of Kibana and could allow a malicious user to access cached CrowdStrike credentials from other users within the same environment. The vulnerability underscores […]
The post Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials appeared first on Cyber Security News.