Experimental News Clipping Site

Tag: Exploitation

  • The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…

  • The Register: Oracle tells Clop-targeted EBS users to apply July patch, problem solved

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/ Source: The Register Title: Oracle tells Clop-targeted EBS users to apply July patch, problem solved Feedly Summary: Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.……

  • Simon Willison’s Weblog: Sora 2 prompt injection

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Oct/3/cameo-prompt-injections/ Source: Simon Willison’s Weblog Title: Sora 2 prompt injection Feedly Summary: It turns out Sora 2 is vulnerable to prompt injection! When you onboard to Sora you get the option to create your own “cameo" – a virtual video recreation of yourself. Here’s mine singing opera at the Royal Albert Hall. You…

  • The Register: Warnings about Cisco vulns under active exploit are falling on deaf ears

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/30/cisco_firewall_vulns/ Source: The Register Title: Warnings about Cisco vulns under active exploit are falling on deaf ears Feedly Summary: 50,000 firewall devices still exposed Nearly 50,000 Cisco ASA/FTD instances vulnerable to two bugs that are actively being exploited by “advanced" attackers remain exposed to the internet, according to Shadowserver data.… AI Summary and…

  • Cloud Blog: Announcing Claude Sonnet 4.5 on Vertex AI

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/ai-machine-learning/announcing-claude-sonnet-4-5-on-vertex-ai/ Source: Cloud Blog Title: Announcing Claude Sonnet 4.5 on Vertex AI Feedly Summary: Today, we’re announcing the general availability of Claude Sonnet 4.5, Anthropic’s most intelligent model and its best-performing model for complex agents, coding, and computer use, on Vertex AI.Claude Sonnet 4.5 is built to work independently for hours, maintaining clarity…

  • OpenAI : Combating online child sexual exploitation & abuse

    by

    Kurt Seifried
    in

    Source URL: https://openai.com/index/combating-online-child-sexual-exploitation-abuse Source: OpenAI Title: Combating online child sexual exploitation & abuse Feedly Summary: Discover how OpenAI combats online child sexual exploitation and abuse with strict usage policies, advanced detection tools, and industry collaboration to block, report, and prevent AI misuse. AI Summary and Description: Yes Summary: The text discusses OpenAI’s initiatives to combat…

  • The Register: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/27/rednovember_chinese_espionage/ Source: The Register Title: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign Feedly Summary: Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the…

  • Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/ Source: Unit 42 Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.…

  • The Register: ‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/26/an_apts_playground_goanywhere_perfect10/ Source: The Register Title: ‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug Feedly Summary: Researchers say tens of thousands of instances remain publicly reachable Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra’s GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.……