Well, that’s another big Steam seasonal sale in the books. How did yours go? I didn’t pick up a ton of titles this time around, but I still scored some nice discounts on games like The Roottrees Are Dead, so I’m still pleased.
Source: xda-developers.com
3 reasons I switched to and prefer OpenCloud instead of Nextcloud
For years, Nextcloud was my default self-hosted cloud solution. It promised freedom and control, but over time, I ran into several issues: sluggish performance, bloated experience, and an endless stream of minor bugs. I felt stuck in a trade-off between control and usability – until I finally made the leap to OpenCloud. Source: xda-developers.com … [Read More...]
Beer Giant Asahi Says Data Stolen in Ransomware Attack
Japanese brewing giant Asahi Group Holdings has confirmed that a ransomware attack has caused the week-long outage at its domestic subsidiaries. The company disclosed the incident last week, blaming order and shipment operational disruptions, and call center downtime on a cyberattack that resulted in system failures. The company, which suspended production at some of its factories in Japan, … [Read More...]
PoC Exploit Released for Sudo Vulnerability that Enables Attackers to Gain Root Access
A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo utility that can grant root access under specific configurations. Security researcher Rich Mirch is credited with identifying the weakness, while a functional PoC and usage guide have been published in an open GitHub repository, accelerating the … [Read More...]
Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks
The recent data theft and extortion campaign targeting Oracle E-Business Suite customers has been confirmed to be the work of the notorious Cl0p ransomware group, and Oracle has admitted that the hackers have exploited a zero-day vulnerability. The attacks targeting Oracle E-Business Suite (EBS) customers came to light last week, when Google Threat Intelligence Group (GTIG) and Mandiant warned … [Read More...]
Redis Server Vulnerability use-after-free Vulnerability Enables Remote Code Execution
A critical use-after-free vulnerability, identified as CVE-2025-49844, has been discovered in Redis servers, enabling authenticated attackers to achieve remote code execution. This high-severity flaw affects all versions of Redis that utilize the Lua scripting engine, presenting a significant threat to a wide range of deployments that rely on the popular in-memory data store. The core of … [Read More...]
OpenAI and Jony Ive’s Secretive AI Device Reportedly Hit by Software and Infra Troubles
OpenAI and former Apple design chief Jony Ive have reportedly been developing a secretive AI device for much of the year. While earlier reports suggested a launch by the end of 2026, the project may now face delays amid mounting technical challenges. As per a report, the teams are grappling with software and infrastructure issues, particularly around building a sustainable compute budget to power … [Read More...]
Hackers Weaponize AWS X-Ray Service to Work as Covert Command & Control Server
A sophisticated technique uncovered where threat actors abuse Amazon Web Services‘ X-Ray distributed tracing service to establish covert command and control (C2) communications, demonstrating how legitimate cloud infrastructure can be weaponized for malicious purposes. AWS X-Ray, designed to help developers analyze application performance through distributed tracing, has been repurposed by red … [Read More...]
Realme GT 8 Pro, iQOO 15, OnePlus 15 Camera Details Leaked Ahead of Launch in China
Qualcomm launched its top-tier Snapdragon 8 Elite Gen 5 SoC last month, and several smartphone brands are preparing to unveil flagship devices powered by the same chipset. The Xiaomi 17 series became the first to arrive with the new Snapdragon 8 Elite Gen 5 chip, while upcoming launches include the Realme GT 8 Pro, iQOO 15, and OnePlus 15. Ahead of their formal reveal, a prominent Chinese tipster … [Read More...]
QNAP NetBak Replicator Vulnerability Let Attackers Execute Unauthorized Code
QNAP has released a security advisory detailing a vulnerability in its NetBak Replicator utility that could allow local attackers to execute unauthorized code. The flaw, identified as CVE-2025-57714, has been rated as “Important” and affects specific versions of the backup and restore software. The company has already issued a patch and is urging users to update their systems to prevent … [Read More...]
How Windows Command-line Utility PsExec Can Be Abused To Execute Malicious Code
PsExec represents one of the most contradictory tools in the cybersecurity landscape, a legitimate system administration utility that has become a cornerstone of malicious lateral movement campaigns. Recent threat intelligence reports indicate that PsExec remains among the top five tools used in cyberattacks as of 2025, with ransomware groups like Medusa, LockBit, and Kasseika actively … [Read More...]