Oracle has announced an urgent advisory urging its customers to implement the January 2025 Critical Patch Update (CPU) to resolve 318 newly identified security vulnerabilities across its product suite. This substantial release underscores the growing challenges in maintaining software security amid escalating threats. Among the vulnerabilities disclosed, the most critical…
The ongoing digital conflict linked to Russia’s invasion of Ukraine has escalated, with various threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, engaging in phishing campaigns targeting not only Ukraine but also Poland and other European nations. These cyber threats come as the geopolitical landscape remains tense, highlighting the…
Cybercrime, Fraud Management & Cybercrime, Geo Focus: The United Kingdom Jaguar Land Rover Resumes Operations Following Cyberattack Akshaya Asokan (asokan_akshaya) • October 6, 2025 Image: Tada Images/Shutterstock Jaguar Land Rover, a prominent British automotive manufacturer, has initiated a phased return to operations after halting production for over a month due…
A former software engineer with the U.S. Central Intelligence Agency (CIA) has received a 40-year prison sentence from the Southern District of New York (SDNY) for transferring classified documents to WikiLeaks as well as possessing child pornography. Joshua Adam Schulte, aged 35, was initially charged in June 2018 and subsequently…
A new data leak platform has emerged on the TOR network, operated by a group known as the “Trinity of Chaos.” This ransomware collective is reportedly connected to the infamous Lapsus$, Scattered Spider, and ShinyHunters groups. In a significant escalation of their cybercriminal activities, the site has listed 39 major…
Cybersecurity experts have reported that attackers are taking advantage of an undisclosed zero-day vulnerability in Cambium Networks cnPilot routers to deploy a new variant of the AISURU botnet, known as AIRASHI. This botnet is primarily orchestrating distributed denial-of-service (DDoS) attacks, which have reportedly been ongoing since June 2024. Research conducted…
Recent cybersecurity research has unveiled the utilization of a potent reflection/amplification attack method by malicious actors to execute prolonged distributed denial-of-service (DDoS) attacks, sustaining these assaults for as long as 14 hours and achieving an unprecedented amplification ratio of 4,294,967,296 to 1. This attack vector, known as TP240PhoneHome (CVE-2022-26143), has…
Emerging Concerns in Software Security: The Rise of Vibe Coding In a landscape where software development increasingly leans on existing resources, a noticeable trend has surfaced: vibe coding. Much like how consumers do not mill their own wheat for flour, most software developers do not start projects from ground zero,…
A new cybersecurity threat actor, identified as ResumeLooters, has emerged, targeting employment agencies and retail companies predominantly in the Asia-Pacific (APAC) region since early 2023. This group aims to compromise sensitive data, focusing on job search platforms and the unauthorized collection of resumes. According to research from Group-IB, a cybersecurity…
