Latest Intelligence
Patch Now: 'RediShell' Threatens Cloud Via Redis RCE
The article highlights a critical vulnerability in the Redis data storage service that has remained unpatched for 13 years, posing a severe risk of full host takeover. With over 300,000 instances currently exposed, immediate action is advised to mitigate the threat.
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has revealed a critical security vulnerability in its in-memory database software that allows remote code execution through a specially crafted Lua script. This flaw, known as CVE-2025-49844 or RediShell, has been assigned a maximum CVSS score of 10.0.
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft has linked the threat actor Storm-1175 to the exploitation of a critical vulnerability in Fortra GoAnywhere software, which has been used to deploy Medusa ransomware. The vulnerability, identified as CVE-2025-10035, has a CVSS score of 10.0 and allows for command injection without authentication.
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oracle E-Business Suite is facing serious security concerns due to the exploitation of a critical vulnerability, CVE-2025-61882, attributed to the threat actor known as Graceful Spider (Cl0p). The first known exploitation of this vulnerability occurred on August 9, 2025.
Cyberattackers Exploit Zimbra Zero-Day Via ICS
A cyberattack attributed to a threat actor claiming to represent the Libyan Navy's Office of Protocol targeted Brazil's military using a Zimbra zero-day vulnerability. This attack utilized a rare tactic, highlighting the evolving nature of cyber threats.
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
The Clop ransomware gang has exploited a newly disclosed zero-day vulnerability to target Oracle E-Business Suite customers. This attack highlights the ongoing threat posed by ransomware groups leveraging unpatched security flaws.
Chinese Gov't Fronts Trick the West to Obtain Cyber Tech
The article highlights how seemingly neutral Chinese institutions are engaging in collaborations with Western organizations and researchers, ultimately serving the interests of the People's Republic of China (PRC) state intelligence. This raises concerns about the integrity of such partnerships and the potential for technology theft.
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations
A report indicates that the Beijing Institute of Electronics Technology and Application (BIETA) is likely connected to China's Ministry of State Security (MSS). This assessment is based on evidence linking BIETA personnel to MSS officers and their association with the University of International Relations.
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. These vulnerabilities pose significant risks to federal enterprises, prompting a directive for timely remediation by agencies.
5 Critical Questions For Adopting an AI Security Solution
Organizations are increasingly adopting AI Security Posture Management (AI-SPM) solutions to safeguard sensitive data and ensure compliance in the face of advancing AI and cloud technologies. These solutions play a crucial role in securing AI pipelines and the overall AI ecosystem.
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The article highlights the ongoing challenges in the cybersecurity landscape, emphasizing the need for vigilance against new threats and attacks. It summarizes key trends and incidents that are shaping security practices today.
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has issued an emergency update to fix a critical vulnerability in its E-Business Suite software, which has been actively exploited in Cl0p data theft attacks. The flaw, identified as CVE-2025-61882, has a high CVSS score of 9.8, indicating its severity.
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Researchers have identified a Chinese cybercrime group known as UAT-8099, which is involved in SEO fraud and the theft of sensitive data from compromised IIS servers. The majority of reported infections have occurred in India and Thailand.
Self-Propagating Malware Hits WhatsApp Users in Brazil
A self-propagating malware campaign known as Water Saci is targeting WhatsApp users in Brazil. The malware, named Sorvepotel, is capable of stealing credentials and monitoring browser activity to facilitate financial fraud.
How we trained an ML model to detect DLL hijacking
The article discusses the development of a machine-learning model by Kaspersky's AI expertise center aimed at detecting DLL hijacking attacks. This initiative highlights the increasing reliance on AI technologies to enhance cybersecurity measures.