Cl0p-linked threat actors target Oracle E-Business Suite in extortion campaign
CSO Online 03.10.2025 00:55
Oracle E-Business Suite users beware: Hackers may (or may not) have stolen your sensitive data.
Researchers at Halcyon, Google, and Mandiant have confirmed that they are tracking the activity of a threat actor, “highly likely” to be affiliated with the notorious and successful Cl0p gang, who is sending emails to various executives claiming they have stolen sensitive data from their Oracle E-Business Suite ERP systems.
Red Hat OpenShift AI weakness allows full cluster compromise, warns advisory
CSO Online 02.10.2025 17:13
Red Hat has updated its OpenShift AI Service after discovering a vulnerability with a CVSS rating of 9.9 that would allow an attacker to take full control of a cluster and any applications running on it.
Red Hat OpenShift AI (RHOAI) — called Red Hat OpenShift Data Science until 2023 — is the company’s Kubernetes-based platform for managing and deploying large language models (LLMs).
570 GByte Github-Daten: Red Hat meldet Sicherheitsvorfall
Golem 02.10.2025 13:45
Die Erpressergruppe Crimson Collective ist angeblich im Besitz vertraulicher Kundendaten von Red Hat – und verlangt ein Lösegeld. (Github, Security)
Chrome 141: Google schließt schwerwiegende Sicherheitslücken
Golem 02.10.2025 09:19
Die Lücken erlauben möglicherweise eine Remotecodeausführung innerhalb der Sandbox von Chrome. (Chrome, Browser)
Sicherheitspatches: OpenSSL für Schadcode-Attacken anfällig
Heise Security 02.10.2025 07:22
In aktuellen OpenSSL-Versionen haben die Entwickler drei Sicherheitslücken geschlossen. Bislang gibt es keine Berichte zu Attacken.