VulnHub

Cybersecurity researchers have identified a campaign that exploits Blender Foundation files to distribute StealC V2, a data-stealing malware. This operation has been ongoing for at least six months, posing significant risks to users who download infected .blend files from platforms like CGTrader.

The article reports on a new supply chain attack named 'Shai-Hulud' that has infected 640 NPM packages. This self-replicating worm poses a severe threat as it can erase home directory contents if it fails to propagate to additional repositories.

CISA has issued a warning regarding the use of commercial spyware and remote access trojans (RATs) targeting users of popular messaging apps like WhatsApp and Signal. This threat highlights the increasing risk to user privacy and security in mobile communications, necessitating heightened vigilance and protective measures.

The new Shai-Hulud worm has infected numerous npm packages, significantly disrupting continuous integration and continuous deployment (CI/CD) workflows globally. This incident poses a serious threat to developers and organizations relying on npm for their software development processes.

Canon has reported that one of its subsidiaries has been affected by the Oracle EBS hack, which has resulted in over 100 alleged victims being listed on the Cl0p ransomware website. This incident highlights the significant impact of the Oracle EBS campaign and raises concerns about the security of affected organizations.

The CISA has issued a warning about ongoing spyware campaigns targeting users of mobile messaging applications like Signal and WhatsApp. These attacks utilize advanced social engineering tactics to deliver spyware, posing significant risks to user privacy and security.

The Shai-Hulud worm has emerged as a significant cybersecurity threat, infecting nearly 500 open-source packages and compromising over 26,000 GitHub repositories within a 24-hour period. This incident highlights the increasing automation and strength of self-replicating malware, raising concerns about the security of open-source software ecosystems.

The ShadowRay 2.0 threat actor is exploiting a vulnerability in the Ray framework to commandeer AI infrastructure globally, creating a self-propagating botnet for cryptomining and data theft. This poses a significant risk to AI systems and could lead to extensive data breaches and financial losses.

The article highlights the exploitation of CVE-2025-61757, which follows a breach of Oracle Cloud and an extortion campaign targeting Oracle E-Business Suite customers. This indicates a significant security threat that could impact numerous organizations relying on Oracle's services.

CISA has confirmed the exploitation of a vulnerability in Oracle Identity Manager, identified as CVE-2025-61757, which has been added to its Known Exploited Vulnerabilities catalog. This indicates a significant security risk for organizations using the affected systems, necessitating immediate attention to mitigate potential breaches.