Washington Post says it is among victims of cyber breach tied to Oracle software | Reuters The Washington Post has announced it is a victim of a cyber breach linked to Oracle software, specifically the Oracle E-Business Suite platform. This breach is attributed to the ransomware group CL0P, which has targeted numerous organizations using this Oracle software.

Continue reading →

What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) This article details a pre-authenticated Remote Code Execution vulnerability (CVE-2025-34299) found in Monsta FTP, a web-based FTP client. Despite attempts to patch, the vulnerability persisted in later versions until version 2.11.3 was released on August 26, 2025.

Continue reading →

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace | CSO Online A Visual Studio Code extension containing ransomware-style behavior and data-stealing capabilities, dubbed Ransomvibe, was successfully published to Microsoft’s marketplace. Despite containing obvious red flags like hardcoded credentials and decryption tools, the extension bypassed review and highlights a failure in Microsoft’s marketplace security.

Continue reading →

Cisco fixes critical UCCX flaw allowing Root command execution Cisco has addressed a critical vulnerability (CVE-2025-20354) in its Unified Contact Center Express (UCCX) software, which could allow remote attackers to execute commands with root privileges. The flaw stems from improper authentication in the Java RMI process, enabling unauthenticated attackers to upload files and run commands on affected systems.

Continue reading →

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation Nine malicious NuGet packages have been discovered, containing logic bombs set to detonate in August 2027 and November 2028, targeting database operations and industrial control systems. The packages, published by user “shanhai666” and collectively downloaded nearly 9,500 times, employ sophisticated techniques to disguise attacks as random failures, making incident response extremely difficult.

Continue reading →

Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More A new cryptocurrency scam uses fake 0-day exploit emails to trick users into running malicious JavaScript code, leading them to believe they can achieve massive profits. The attackers manipulate the user’s browser to display inflated payouts and hijack transactions, directing funds to their own crypto wallets.

Continue reading →

Federally Qualified Health Center Reports Ransomware Breach The Central Jersey Medical Center, a federally qualified health center, has reported a ransomware attack that occurred on August 25th, potentially compromising sensitive patient information including names, dates of birth, social security numbers, and health records. The center is working with cybersecurity experts to investigate and enhance its security measures, though it has not disclosed if data was exfiltrated or the number of individuals affected.

Continue reading →

Amazon and Perplexity have kicked off the great AI web browser fight | The Verge Amazon has requested that Perplexity stop its AI browser, Comet, from purchasing products on its site, accusing the AI startup of providing a degraded shopping experience. Perplexity, in turn, has accused Amazon of bullying and stated that the e-commerce giant is more interested in serving ads and sponsored results than facilitating easier shopping, despite Amazon’s CEO expecting future partnerships with AI shopping agents.

Continue reading →

Geoffrey Hinton says tech giants can’t profit from AI investments unless human labor is replaced | Fortune According to Geoffrey Hinton, tech giants cannot profit from their AI investments without replacing human labor. He believes that the massive capital expenditures by companies like Microsoft, Meta, and Alphabet are predicated on the idea of widespread job displacement by AI, though he acknowledges AI’s potential for good in fields like healthcare and education.

Continue reading →

Police across Canada warn parents after morphine, staples, needles found in candy | Globalnews.ca Police across Canada are warning parents to carefully inspect Halloween candy after reports of morphine, needles, and staples found in treats in Ontario, B.C., and Saskatchewan. Authorities advise checking wrappers for tampering and reporting any suspicious items to the police.

Continue reading →

China-linked hackers exploited Lanscope flaw as a zero-day in attacks www.bleepingcomputer.com/news/secu… China-linked cyber-espionage actors tracked as ‘Bronze Butler’ (Tick) exploited a Motex Lanscope Endpoint Manager vulnerability as a zero-day to deploy an updated version of their Gokcpdoor malware. The discovery of this activity comes from Sophos researchers, who observed the threat actors exploiting the vulnerability in mid-2025 before it was patched to steal confidential information. The flaw exploited in these attacks is CVE-2025-61932, a critical request origin verification flaw impacting Motex Lanscope Endpoint Manager versions 9.

Continue reading →

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. securityaffairs.com/184076/se… CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity Linux kernel flaw introduced in 2014 and patched in January 2024. CISA didn’t provide details about the ransomware attacks exploiting the flaw or name the groups responsible for targeting it. The vulnerability CVE-2024-1086 is a Linux kernel use-after-free issue that resides in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.

Continue reading →

Australia warns of BadCandy infections on unpatched Cisco devices www.bleepingcomputer.com/news/secu… The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. The vulnerability exploited in these attacks is CVE-2023-20198, a max-severity flaw that allows remote unauthenticated threat actors to create a local admin user via the web user interface and take over the devices. Cisco fixed the flaw in October 2023, which was then marked as an actively exploited issue.

Continue reading →

Cloud Abuse at Scale www.fortinet.com/blog/thre… Identity compromise remains one of the most pressing threats to cloud infrastructure today. When attackers gain access to valid credentials, they can often bypass the traditional security controls designed to protect those environments. In AWS, this type of compromise frequently manifests through abuse of the Simple Email Service (SES), one of the most common tactics observed in real-world intrusions. SES offers adversaries a convenient and scalable way to conduct illicit email operations once they’ve obtained valid AWS access keys.

Continue reading →

When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems unit42.paloaltonetworks.com/agent-ses… We discovered a new attack technique, which we call agent session smuggling. This technique allows a malicious AI agent to exploit an established cross-agent communication session to send covert instructions to a victim agent. Here, we discuss the issues that can arise in a communication session using the Agent2Agent (A2A) protocol, which is a popular option for managing the connections between agents. The A2A protocol’s stateful behavior lets agents remember recent interactions and maintain coherent conversations.

Continue reading →