VirusTotal
-
Oracle issues emergency patch for critical E-Business Suite flaw tied to Cl0p attacks
Oracle issued an emergency update for a critical E-Business Suite vulnerability, CVE-2025-61882 (CVSS 9.8), which the article said has been exploited in recent Cl0p data thefts; Oracle and Mandiant have urged organisations to apply fixes and investigate possible prior compromise.
-
Fake Microsoft Teams installers promoted in search ads deliver Oyster backdoor, researchers say
Search ads and SEO poisoning have been used to promote fake Microsoft Teams installers that deliver the Oyster backdoor to Windows machines, researchers said; the trojanized installer drops a DLL and creates a scheduled task for persistence.
-
VirusTotal flags 44 undetected SVGs in Colombian phishing campaign; hundreds of SVGs detected in the wild
VirusTotal has flagged a new malware campaign using 44 undetected SVG files to phish as Colombia’s Fiscalía General de la Nación, injecting a Base64-encoded HTML page and triggering a hidden ZIP download. Overall SVG detections in the wild have reached 523, with earliest samples dating to August 14, 2025.
