fp-5b

Google’s Android 17 introduces new protections in Advanced Protection Mode that block non-accessibility apps from using the Accessibility API to prevent malware attacks.

90% of phishing targets Outlook and Google—learn about the tactics, stats, and defenses to protect your email from evolving threats.

CVE-2025-54236 in Adobe Magento allows account hijacking—learn about active exploits, risks, and urgent patching needs to secure your e-commerce platform.

iOS 26 overwrites shutdown.log, erasing Pegasus traces—learn about the impact on forensics and tips to protect against spyware threats.

CVE-2025-22167 in Jira allows file alteration via path traversal—learn affected versions, risks, and upgrade steps to secure your project management systems.

M&S terminates TCS contract post-₹3,200 crore breach—learn about social engineering tactics, outsourcing risks, and the need for stronger cybersecurity measures.

CVE-2025-11001 and CVE-2025-11002 in 7-Zip allow code execution via malicious ZIPs—update to v25.00, disable symlinks, and use antivirus to avoid path traversal attacks.

"Trinity of Chaos" group (Muddled Libra, Bling Libra, LAPSUS$) steals 1B Salesforce records targeting retail/hospitality; launches DLS October 3, 2025, with FBI seizure October 9. EaaS model enables fraud—implement zero trust and ISAC intel to defend against data theft.

High-severity CVE-2025-61884 (CVSS 7.5) in Oracle E-Business Suite's Configurator allows unauthenticated HTTP attacks to access sensitive data (versions 12.2.3-12.2.14). Follows Cl0p-linked CVE-2025-61882 exploits—apply updates, segment networks, and scan for vulnerabilities now.

Unspecified flaw in Oracle E-Business Suite's BI Publisher Integration allows unauthenticated HTTP attacks to hijack Concurrent Processing, exploited in ransomware campaigns. Apply patches, follow BOD 22-01 guidance, or discontinue use to protect enterprise operations from data encryption and downtime.