Real-time threat intelligence from trusted sources
Infosecurity Magazine
UK MPs are advocating for a new economic security regime to address increasing cyber threats and related risks. The proposed legislation aims to enhance national security and protect the economy from potential cyber incidents.
Security Affairs
CISA has issued a warning regarding the use of commercial spyware and remote access trojans (RATs) targeting users of popular messaging apps like WhatsApp and Signal. This threat highlights the increasing risk to user privacy and security in mobile communications, necessitating heightened vigilance and protective measures.
Infosecurity Magazine
The new Shai-Hulud worm has infected numerous npm packages, significantly disrupting continuous integration and continuous deployment (CI/CD) workflows globally. This incident poses a serious threat to developers and organizations relying on npm for their software development processes.
Canon has reported that one of its subsidiaries has been affected by the Oracle EBS hack, which has resulted in over 100 alleged victims being listed on the Cl0p ransomware website. This incident highlights the significant impact of the Oracle EBS campaign and raises concerns about the security of affected organizations.
The Hacker News
The CISA has issued a warning about ongoing spyware campaigns targeting users of mobile messaging applications like Signal and WhatsApp. These attacks utilize advanced social engineering tactics to deliver spyware, posing significant risks to user privacy and security.
The Shai-Hulud worm has emerged as a significant cybersecurity threat, infecting nearly 500 open-source packages and compromising over 26,000 GitHub repositories within a 24-hour period. This incident highlights the increasing automation and strength of self-replicating malware, raising concerns about the security of open-source software ecosystems.
The ShadowRay 2.0 threat actor is exploiting a vulnerability in the Ray framework to commandeer AI infrastructure globally, creating a self-propagating botnet for cryptomining and data theft. This poses a significant risk to AI systems and could lead to extensive data breaches and financial losses.
The article highlights the exploitation of CVE-2025-61757, which follows a breach of Oracle Cloud and an extortion campaign targeting Oracle E-Business Suite customers. This indicates a significant security threat that could impact numerous organizations relying on Oracle's services.
The article discusses a new variant of malware that executes malicious code during the preinstallation phase, posing a significant risk to build and runtime environments. This increase in potential exposure highlights the severity of the threat and the need for immediate attention from cybersecurity professionals.
Advancements in vision language models have enhanced their reasoning capabilities, which can be leveraged to improve employee safety and protect physical security. This development highlights the potential for AI technologies to play a significant role in safeguarding workplaces.
CISA has confirmed the exploitation of a vulnerability in Oracle Identity Manager, identified as CVE-2025-61757, which has been added to its Known Exploited Vulnerabilities catalog. This indicates a significant security risk for organizations using the affected systems, necessitating immediate attention to mitigate potential breaches.
CrowdStrike has confirmed the termination of an insider who shared sensitive information with cybercriminals, leading to false claims of a system breach. This incident highlights the risks posed by insider threats and the importance of safeguarding sensitive data against unauthorized access.
Researchers have identified five critical vulnerabilities in Fluent Bit, a telemetry agent, that could be exploited to compromise cloud infrastructures. These flaws enable attackers to bypass authentication, execute remote code, and cause denial-of-service conditions, posing significant risks to cloud security.
Security Affairs
Delta Dental of Virginia experienced a significant data breach affecting approximately 146,000 customers, compromising sensitive personal and health information, including Social Security numbers and health data. This incident highlights the vulnerabilities associated with email account security and the potential risks to customer privacy and identity.
Microsoft has raised concerns about the security risks associated with its new Agentic AI feature, highlighting the potential for AI agents to engage in malicious activities like data exfiltration and malware installation if not properly secured. This underscores the critical need for robust security controls to mitigate these risks.