Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.
This week’s edition looks at how attackers are changing the game — linking different flaws, working together across borders, and even turning trusted tools into weapons. From major software bugs to AI abuse and new phishing tricks, each story shows how fast the threat landscape is shifting and why security needs to move just as quickly.
âš¡ Threat of the Week
Dozens of Orgs Impacted by Exploitation of Oracle EBS Flaw — Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle’s E-Business Suite (EBS) software since August 9, 2025, according to Google Threat Intelligence Group (GTIG) and Mandiant. The activity, which bears some hallmarks associated with the Cl0p ransomware crew, is assessed to have fashioned together multiple distinct vulnerabilities, including a zero-day flaw tracked as CVE-2025-61882 (CVSS score: 9.8), to breach target networks and exfiltrate sensitive data. The attack chains have been found to trigger two different payload chains, dropping malware families like GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE. Oracle has also released updates to EBS to address another vulnerability in the same product (CVE-2025-61884) that could lead to unauthorized access to sensitive data. The company did not mention if it was being exploited in the wild.
🔔 Top News
- Storm-1175 Linked to Exploitation of GoAnywhere MFT Flaw — A cybercriminal group Microsoft tracks as Storm-1175 exploited a maximum-severity vulnerability in GoAnywhere MFT (CVE-2025-10035) to initiate multi-stage attacks, including Medusa ransomware. Storm-1175’s attacks are opportunistic, and have affected organizations in the transportation, education, retail, insurance, and manufacturing sectors. The activity blends legitimate tools with stealthy techniques to stay under the radar and monetize access through extortion and data theft, using the access to install remote monitoring tools such as SimpleHelp and MeshAgent, drop web shells, and move laterally across networks using built-in Windows utilities. Fortra has since disclosed that it began its investigation on September 11 following a “potential vulnerability” reported by a customer, uncovering “potentially suspicious activity” related to the flaw.
- OpenAI Disrupted Three Clusters from China, North Korea, and Russia — OpenAI said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The second…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
