Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day

Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data.
The Escapist

Unity Engine exploit dating from 2017 sparks emergency patches across gaming industry

Unity has disclosed a major security flaw affecting engine versions since 2017, impacting Android, Windows, and Mac games.
MIT Technology Review

The Download: using AI to discover “zero day” vulnerabilities, and Apple’s ICE app removal

1 Apple removed an app for reporting ICE officer sightings The US Attorney General requested it take down ICEBlock—and Apple ...
GovInfoSecurity

Hackers Exploit RMM Tools to Deploy Malware

Cybercriminals are hijacking trusted remote monitoring and management tools to bypass defenses, gain persistent access and ...
Liliputing

Amazon patches the exploit that supercharged Fire TV and Fire Tablet hacking

According to recent posts in the xda-developers forum, Amazon is confirmed to be rolling out a Fire OS 8.1.5.3 update for Fire TV devices for that patches the vulnerability. It’s likely that a patch ...

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle fixes another security flaw that Clop hackers were using to steal sensitive personal information about executives as ...

Oracle forced to rush out patch for zero-day exploited in attacks

Business Suite, actively exploited by ransomware actorsAttackers used compromised email accounts to extort victims; FIN11 and ...