The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Filesby [email protected] (The Hacker News) on 6 October 2025 at 6:01 am
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,
- Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacksby [email protected] (The Hacker News) on 6 October 2025 at 5:15 am
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle
- CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thiefby [email protected] (The Hacker News) on 4 October 2025 at 2:37 pm
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection attack plays out in the form of a malicious link that, when clicked, triggers the
- Scanning Activity on Palo Alto Networks Portals Jump 500% in One Dayby [email protected] (The Hacker News) on 4 October 2025 at 10:39 am
Threat intelligence firm GreyNoise disclosed on Friday that it has observed a massive spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highest level recorded in the last three months. It described the traffic as targeted and structured, and
- Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealerby [email protected] (The Hacker News) on 3 October 2025 at 6:11 pm
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has been tracking Detour Dog since August 2023, when