Topic: corporate security
-
Nation-State Hackers Breach F5, Endangering Thousands of Customers
A nation-state hacking group infiltrated F5's networks, compromising thousands of organizations, including US government agencies and Fortune 500 companies, posing a severe global cybersecurity threat. The attackers maintained undetected access for years, enabling them to steal BIG-IP source code...
Read More » -
Scammers Impersonate Police to Steal Private Data From Tech Giants
Hackers are impersonating law enforcement to fraudulently obtain private customer data from major tech companies like Apple and Amazon, exploiting weak corporate verification processes for emergency data requests. A criminal group operates a "doxing-as-a-service" model, boasting hundreds of succe...
Read More » -
1Password's New Anti-Phishing Tool Protects Your Weakest Link
AI-powered phishing scams are creating sophisticated, convincing fake websites at scale, posing a significant threat to both individuals and corporations as a common entry point for attacks. 1Password's new phishing protection feature counters this by issuing a warning when users manually paste c...
Read More » -
Urgent: Hackers Exploit Unpatched Oracle EBS Vulnerabilities
Oracle has confirmed active exploitation of unpatched vulnerabilities in its E-Business Suite, with hackers sending extortion emails claiming to have stolen sensitive corporate data. The vulnerabilities were resolved in the July 2025 Critical Patch Update, which addressed nine EBS flaws, includin...
Read More » -
Okta Users Targeted by Advanced Phishing & Vishing Kits
New phishing kits enable real-time credential interception and control of authentication flows, targeting users of major identity platforms like Google and Microsoft. These attacks combine voice phishing with dynamic, convincing fake login pages that bypass multi-factor authentication methods lik...
Read More » -
Beware: Hackers Hijack Calendar Subscriptions for Attacks
Hackers exploit digital calendar subscriptions by using deceptive systems to deliver malicious content like phishing links and malware through third-party feeds. BitSight's investigation revealed that expired or hijacked domains were used in large-scale campaigns, affecting millions of users thro...
Read More » -
Microsoft Teams Targeted by Fake IT Support Scams
A new wave of phishing attacks is exploiting Microsoft Teams, using fake IT support accounts to trick employees into installing malware that gives attackers full network control. Attackers are shifting from email to Teams due to its trusted role in business, impersonating IT staff to deploy remot...
Read More » -
Oracle Hackers Target Executives with Extortion Emails
A sophisticated hacking campaign is targeting top-level executives at major corporations with extortion emails, claiming to have stolen sensitive data from Oracle's widely used business software products, though these claims remain unverified. The attackers, linked to the Clop ransomware gang, us...
Read More » -
48 Million Gmail Credentials Leaked Online
A database containing nearly 149 million login credentials, including an estimated 48 million Gmail accounts, was exposed online, compiled from past breaches and infostealer malware. The primary risk is credential stuffing attacks, where stolen usernames and passwords are used to access other acc...
Read More » -
Gootloader Malware Returns With New Evasion Tactics
The Gootloader malware has returned with enhanced SEO poisoning tactics, using fake legal document websites to trick users into downloading malicious .js files that deploy additional malware like Cobalt Strike and backdoors. New evasion techniques include a custom web font that disguises filename...
Read More » -
Ivanti warns of critical code execution flaw in Endpoint Manager
A critical vulnerability (CVE-2025-10573) in Ivanti's Endpoint Manager allows unauthenticated attackers to execute arbitrary code by tricking an administrator into viewing a compromised dashboard. Ivanti has released a patch, but the risk is heightened as hundreds of EPM instances are exposed onl...
Read More »