Salesforce, CentreStack Hit by Hackers in Zero-Day Attacks

Summary
– A new study based on Google’s VRP provides data on optimizing bug bounty programs to focus on critical vulnerabilities and avoid low-value reports.
– AI security architectures are being explored for space systems to manage moving satellites and secure communications over delay-prone links.
– The Cl0p gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to steal data, with leaked exploit scripts expected to fuel further attacks.
– Redis patched a critical vulnerability (CVE-2025-49844) that could allow attackers full access to host systems, urging immediate updates.
– North Korean hackers have stolen over $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic.
Recent cybersecurity incidents have highlighted the persistent threat of zero-day vulnerabilities, with major platforms like Salesforce and CentreStack falling victim to sophisticated attacks. These events underscore the critical need for organizations to prioritize timely patching and robust security measures. The digital landscape continues to evolve, presenting new challenges for defenders.
A recent academic study examining Google’s Vulnerability Rewards Program provides valuable insights for optimizing bug bounty initiatives. Organizations can avoid being inundated with low-quality reports by refining their strategy, focusing instead on uncovering severe vulnerabilities that might otherwise go undetected.
Security considerations are extending beyond terrestrial networks into orbit. Managing the security of hundreds of satellites presents unique complexities, as each functions as a moving endpoint communicating over delayed links. Research is now exploring how artificial intelligence could automate security for these space-based systems, debating whether a centralized or distributed control model proves more effective.
In a recent interview, Jess Vachon, CISO at PRA Group, discussed the company’s multi-layered approach to fraud defense. She emphasized the delicate balance between rigorous identity verification and maintaining a frictionless customer experience, highlighting the company’s commitment to protecting client trust.
Small and medium-sized businesses, frequent targets of cyberattacks, often operate with limited training budgets. A new study from Cleveland State University proposes a streamlined, scenario-based curriculum derived from the NICE Cybersecurity Workforce Framework. This approach makes essential cybersecurity training more accessible and could benefit security leaders in larger enterprises as well.
The Cl0p extortion gang has been actively exploiting multiple vulnerabilities in Oracle E-Business Suite, including a zero-day flaw tracked as CVE-2025-61882. According to Charles Carmakal, CTO at Mandiant, this activity led to the theft of substantial data from several victims in August 2025.
A group identifying as Scattered Lapsus$ Hunters established a data leak site to pressure organizations into paying ransoms. The group claims to have compromised Salesforce databases and threatens to publish the stolen information unless its demands are met.
Security researchers from Resecurity and watchTowr have analyzed scripts leaked on Telegram that exploit the Oracle EBS vulnerability CVE-2025-61882. The origin of these scripts remains unclear, but their public availability is expected to fuel a new wave of attacks against internet-facing Oracle instances.
Redis has issued patches for a critical vulnerability, CVE-2025-49844, which could grant attackers complete control over the host system. Users are urged to apply these updates immediately to protect their deployments.
Blockchain analytics firm Elliptic reports that North Korean hackers have stolen over $2 billion in cryptocurrency so far in 2025, with several months remaining in the year.
Palo Alto Networks researchers have identified a phishing kit dubbed “IUAM ClickFix Generator.” This tool enables less skilled attackers to deploy malware using the increasingly prevalent ClickFix social engineering method.
Following a Mandiant-supported investigation, SonicWall confirmed that attackers who brute-forced its cloud backup service gained access to configuration backup files for every customer who had used the service.
Threat actors are expanding their toolkit with legitimate commercial and open-source software. Researchers note that tools like Velociraptor and Nezha are increasingly being repurposed for malicious campaigns.
Attackers are actively exploiting CVE-2025-11371, an unauthenticated Local File Inclusion vulnerability affecting Gladinet CentreStack and Triofox file-sharing platforms. No patch is currently available for this flaw, leaving systems exposed.
The rise of agentic AI systems necessitates a shift in identity and access management. Traditional action-based permissions may no longer suffice; intent-based permissions that comprehend the purpose behind an AI agent’s actions are becoming essential.
October 2025 marks the end of support for several longstanding Microsoft products, including Windows 10, Office 2016, and Exchange Server 2016. Office 2019 and Exchange Server 2019 are also approaching their end-of-life dates.
Addressing the human element in cybersecurity remains a paramount challenge. Jacob Martens, Field CISO at Upwind Security, explains that most breaches originate from human actions, not technical flaws. Attackers successfully exploit emotions like urgency and fear through phishing and social engineering.
A new research project introduces ARGUS, a mobile robotic system designed to simultaneously monitor both digital and physical environments. This integrated approach helps security teams identify coordinated threats that span cyber and physical domains.
Success in cybersecurity job interviews often hinges on thorough preparation and a clear understanding of what to expect. Candidates who familiarize themselves with common questions and scenarios tend to perform better.
Disinformation campaigns increasingly rely on automated bot farms to manipulate public opinion, influence elections, and erode trust in institutions. These operations represent a significant challenge to information integrity.
Researchers are developing new systems to maintain communication during network failures caused by disasters. These solutions aim to provide reliable connectivity when traditional infrastructure is compromised.
Many developing economies struggle to keep pace with the global fight against cybercrime. Cybersecurity is often viewed as a secondary priority due to budget constraints, resulting in inadequate investment in tools, training, and skilled personnel.
An AI system has been developed to identify scam websites within search results. While existing security tools can detect known fraudulent sites, this new approach aims to flag newly created deceptive pages before they cause financial harm.
The open-source Proxmox Mail Gateway has reached version 9.0. Since its initial release in 2005, this mail proxy has helped organizations filter spam and block malware by positioning itself between the firewall and internal mail servers.
DefectDojo continues to serve as a popular open-source platform for DevSecOps and vulnerability management. It assists teams in consolidating security findings, tracking remediation efforts, and generating comprehensive reports.
Nagios remains a cornerstone of open-source IT monitoring, now offered as part of the Nagios Core Services Platform. It provides extensive visibility across infrastructure components, enabling proactive issue detection and system reliability.
Phishing attacks are experiencing a resurgence, powered by artificial intelligence. A comprehensive threat report from Comcast, analyzing billions of security events, illustrates how adversaries are refining their tactics to appear more legitimate.
Despite widespread awareness, many organizations and individuals continue to rely on weak authentication methods. Personal habits often introduce additional security risks that attackers can exploit.
A new report from PwC identifies geopolitics, emerging technologies like AI and quantum computing, and persistent skills shortages as key factors reshaping cybersecurity priorities across various industries.
The Zurich Insurance Group has published a report advocating for six specific metrics to help policymakers assess national cyber resilience. The current lack of reliable data often leaves economies vulnerable to systemic threats.
The cryptocurrency sector faces significant encryption challenges. A security assessment found that none of the thousands of web and mobile applications tested support post-quantum encryption, while millions of user records are already available on dark web markets.
Artificial intelligence is demonstrating tangible benefits in security operations centers. A benchmark study indicates that AI agents can help analysts investigate alerts more quickly and accurately without requiring major workflow overhauls.
The cybersecurity job market continues to offer diverse opportunities for professionals at various experience levels. Current openings reflect the ongoing demand for skilled personnel across the industry.
A new eBook focuses on defending identity security in real time, offering strategies to block weak passwords, protect accounts instantly, and streamline helpdesk operations through automated defenses.
Recent product releases from companies like Object First, OPSWAT, Radiflow, and Semperis represent the latest innovations in the information security market, providing new tools to address emerging threats.
(Source: Help Net Security)