Latest news as of 11/16/2025, 6:49:07 AM
The Register
No confirmed date but workers expected to return in the coming days Jaguar Land Rover is readying staff to resume manufacturing in the coming days, a company spokesperson confirmed to .… The Reg
The Register
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that criminal crew Clop has already abused for data theft and extortion.…
Check Point Research
For the latest discoveries in cyber research for the week of 6th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Red Hat has confirmed a cyber attack that resulted in unauthorized access to one of its GitLab instances. The attackers, Crimson Collective, claim to have stolen approximately 570GB of compressed data. The […] The post appeared first on . 6th October – Threat Intelligence Report Check Point Research
The Register
Plus, PAN under attack, IT whistleblowers get a payout, and China kills online scammers On August 29, the US Federal Emergency Management Agency fired its CISO, CIO, and 22 other staff for incompetence but insisted it wasn't in response to an online attack. New material suggests FEMA's claim may be false.… Infosec in brief
The Hacker News
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,
The Hacker News
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle
Bleeping Computer
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...]
Bleeping Computer
Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. [...]
Bleeping Computer
ParkMobile has finally wrapped up a class action lawsuit over the platform's 2021 data breach that hit 22 million users. But there's a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. [...]
Bleeping Computer
A new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU. [...]