Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Oct 11, 2025Ravie LakshmananNetwork Security / Vulnerability
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603...
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Oct 11, 2025Ravie LakshmananCloud Security / Network Security
Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments.
"Threat actors are authenticating...
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oct 12, 2025Ravie LakshmananVulnerability / Threat Intelligence
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized...
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Oct 13, 2025Ravie LakshmananRansomware / Windows Security
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands...
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Oct 13, 2025Ravie LakshmananCybersecurity / Hacking News
Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential,...
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful...
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software...
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts.
"XWorm's modular design is...
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oct 06, 2025Ravie LakshmananVulnerability / Threat Intelligence
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in...
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
Oct 06, 2025Ravie LakshmananCybersecurity / Hacking News
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons...
