Cox Enterprises has suffered a significant data breach due to exploitation of a zero-day vulnerability in Oracle E-Business Suite. The Cl0p ransomware group exploited CVE-2025-61882.

A newly discovered Android banking trojan named Sturnus poses a significant threat to device and data security by targeting encrypted messaging applications such as Signal, WhatsApp, and Telegram.

A new global campaign, ShadowRay 2.0, is compromising publicly exposed instances of the distributed computing framework Ray by exploiting a critical, unpatched vulnerability (CVE-2023-48022).

A data breach at Pajemploi, a French public social service facilitating payroll for parents employing in-home caregivers, has compromised the private data of approximately 1.2 million registered childcare workers.

The Pennsylvania Office of the Attorney General (OAG) experienced a significant ransomware attack on August 9, 2025, attributed to the INC Ransom gang, a Ransomware-as-a-Service (RaaS) operation.

A critical email spoofing vulnerability discovered in DoorDash’s Business platform enabled unauthorized actors to send branded phishing emails directly from DoorDash's official servers through the free Business account interface.

Threat actors are exploiting the legacy Finger protocol via Windows' built-in finger command to execute remote commands and deploy malware through the ClickFix malware campaign.

A critical data breach at The Washington Post has compromised sensitive personal and financial information of 9,720 employees and contractors. The breach was facilitated through a zero-day vulnerability in Oracle E-Business Suite (CVE-2025-61884).

DoorDash has disclosed a data breach, involving unauthorized access to user data through a social engineering attack. Notification emails began reaching affected users the evening before the public disclosure, primarily targeting users in Canada.

Two critical bugs in Cisco ASA and FTD firewalls—CVE-2025-20362 and CVE-2025-20333—are being actively exploited in the wild. Initially used for remote code execution and unauthorized access, these flaws are now also being leveraged in DoS attacks.