Risk
-
Attackers exploiting critical auth-bypass flaw in Service Finder WordPress theme
Security researchers at Wordfence say attackers are actively exploiting CVE-2025-5947, a critical authentication-bypass flaw in the Service Finder WordPress theme that can give attackers administrator access; a patch was released in version 6.1 and administrators are urged to update or stop using the theme.
-
Microsoft links Storm-1175 to zero-day exploitation of GoAnywhere MFT
Microsoft said the criminal group Storm-1175 exploited a zero-day in Fortra’s GoAnywhere MFT to gain remote code execution, deploy monitoring tools, steal data with Rclone and install Medusa ransomware, with activity observed as early as Sept. 11; CISA and other researchers have also reported active exploitation.
-
DraftKings warns accounts breached in credential stuffing attacks
DraftKings said an undisclosed number of customer accounts were accessed in credential stuffing attacks that exposed a limited set of account details; the company is requiring password resets, urging multifactor authentication and advising customers to monitor financial and credit accounts.
-
UC Irvine researchers say high-precision mice can be used to eavesdrop on conversations
Researchers at the University of California, Irvine say high-precision optical mice can pick up tiny desk vibrations from speech and, using signal processing and machine learning, be converted into audible reconstructions; the team published details on a Google research site and an arXiv paper.
-
Google DeepMind unveils CodeMender to detect, patch and rewrite vulnerable code
DeepMind has unveiled CodeMender, an AI agent that detects, patches and rewrites vulnerable code using Gemini models and an LLM-based critique tool; Google says it has upstreamed 72 fixes and is expanding AI security measures including an AI Vulnerability Reward Program and updates to its Secure AI Framework.
-
Misconfigured Rainwalk Pet database left 158 GB of owner and pet records exposed
A misconfigured Rainwalk Pet database exposed about 158 GB of customer and pet records, including names, contact details, partial credit card numbers, veterinary bills and microchip numbers, the article said; the data remained publicly accessible for almost a month before being secured.
-
Oracle issues emergency patch for critical E-Business Suite flaw tied to Cl0p attacks
Oracle issued an emergency update for a critical E-Business Suite vulnerability, CVE-2025-61882 (CVSS 9.8), which the article said has been exploited in recent Cl0p data thefts; Oracle and Mandiant have urged organisations to apply fixes and investigate possible prior compromise.
-
Discord says support vendor breach exposed customer data
Discord said a compromised third-party customer support vendor exposed support tickets and personal details, including billing data and ID images, and that it cut the vendor’s access, launched an investigation and notified law enforcement.
-
Researchers say Chinese-speaking group UAT-8099 uses IIS servers for global SEO fraud
Researchers say a Chinese-speaking group dubbed UAT-8099 has been exploiting Microsoft IIS servers to run SEO fraud and steal credentials and certificate data, using web shells, Cobalt Strike and a modified BadIIS backdoor across targets in Asia and the Americas.
-
Zimbra zero-day reportedly used to target Brazilian military, report says
A stored cross-site scripting flaw in Zimbra Collaboration (CVE-2025-27915) was exploited in attacks that targeted the Brazilian military using malicious ICS calendar files, a StrikeReady Labs report said; Zimbra issued patches in January 2025.
