Tag: vulnerability
-
The Register: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried
Source URL: https://www.theregister.com/2025/10/06/microsoft_blames_medusa_ransomware_affiliates/ Source: The Register Title: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried Feedly Summary: You can’t find anything bad if you don’t look, right? Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra’s GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence.……
-
Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…
-
The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day
Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…
-
Slashdot: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show
Source URL: https://it.slashdot.org/story/25/10/05/2225224/mouse-sensors-can-pick-up-speech-from-surface-vibrations-researchers-show?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show Feedly Summary: AI Summary and Description: Yes Summary: Researchers from the University of California, Irvine, have identified a security vulnerability in high-performance optical mice that can be exploited to capture audio data from a user’s environment, effectively turning…
-
Slashdot: Microsoft Says AI Can Create ‘Zero Day’ Threats In Biology
Source URL: https://science.slashdot.org/story/25/10/02/2335217/microsoft-says-ai-can-create-zero-day-threats-in-biology?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Says AI Can Create ‘Zero Day’ Threats In Biology Feedly Summary: AI Summary and Description: Yes Summary: Microsoft’s team has identified a significant vulnerability in biosecurity systems using AI, highlighting the dual-use capabilities of generative AI in potentially enabling bioweapons development. This discovery emphasizes the urgent need for…
-
Schneier on Security: Daniel Miessler on the AI Attack/Defense Balance
Source URL: https://www.schneier.com/blog/archives/2025/10/daniel-miessler-on-the-ai-attack-defense-balance.html Source: Schneier on Security Title: Daniel Miessler on the AI Attack/Defense Balance Feedly Summary: His conclusion: Context wins Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or,…
-
Anchore: Analyzing the top MCP Docker Containers
Source URL: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/ Source: Anchore Title: Analyzing the top MCP Docker Containers Feedly Summary: If you pay attention to the world of AI, you’ll have noticed that Model Context Protocol (MCP) is a very popular topic right now. The Model Context Protocol is an open standard that enables developers to build secure, two-way connections between…