thecyberexpress

French Football Federation Discloses Data Breach After Attackers Compromise Administrative Software

The French Football Federation confirmed this week that attackers used stolen credentials to breach centralized administrative software managing club memberships ...
thecyberexpress

Akira Ransomware Group Poses ‘Imminent Threat’ to Critical Infrastructure: CISA

The Akira ransomware group poses an “imminent threat to critical infrastructure,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today. CISA joined with the FBI, other U.S.
thecyberexpress

Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Apache warns of CVE-2025-55752 and CVE-2025-55754 in Tomcat 9–11, risking remote code execution and console attacks. Urgent updates are strongly advised.
thecyberexpress

GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware

A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all ...
thecyberexpress

Oracle Patches New E-Business Suite Flaw as CL0P Claims Harvard as Victim

Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 ...
thecyberexpress

Google Launches Dedicated AI Bug Bounty Program with Rewards Up to $30,000Google Launches Dedicated AI Bug Bounty Program with Rewards Up to $30,000

Google’s new AI VRP offers up to $30,000 for finding security flaws in tools like Gemini. Report vulnerabilities, not content issues, for top rewards.
thecyberexpress

CrowdStrike Among Those Hit in NPM Attack Campaign

More than 20 CrowdStrike NPM packages were among nearly 200 NPM packages hit by a sophisticated supply chain attack. The compromised packages were quickly removed and CrowdStrike said its Falcon ...
thecyberexpress

What Are Vulnerabilities: Types, Examples, Causes, and More!

Imagine this: You’ve built a magnificent castle, a fortress of security for your most prized possessions – financial records, personal data, confidential projects. But what if there’s a tiny, hidden ...
thecyberexpress

Operation Serengeti 2.0: 1,200 Arrested, Millions Seized

Operation Serengeti 2.0 reveals why cybercrime in Africa has evolved from low-volume fraud to a continent-spanning economy of digital extortion. The success of the operation is built on the continuous ...
thecyberexpress

Apple Patches Zero-Day in iOS 18.6.2 After Targeted Exploits

Apple on Wednesday released iPadOS/iOS 18.6.2, as a security update addressing a zero-day vulnerability— tracked as CVE-2025-43300. The company said, the bug ...
thecyberexpress

How One Researcher Hacked McDonalds and Found Flaws

In a world where digital infrastructures run global empires, even the biggest names in the fast-food industry aren’t immune to security blunders. That’s exactly what one independent researcher ...
thecyberexpress

Critical Zoom Vulnerability CVE-2025-49457 Poses Risks

CVE-2025-49457 in Zoom Clients exposes users to privilege escalation. Update Zoom to version 6.3.10 to mitigate risks.