Latest News Archives - Stratos Ally

Latest News

AWS Outage Disrupts Massive Global Internet Services

On what was supposed to be a day full of lights, AWS decided to celebrate Diwali its own way, by turning off the lights across ...

StratosAlly

Latest News

UNC5342 Turns Ethereum and BSC into Immutable Malware Hosts

Google Threat Intelligence observed UNC5342 (aka CL-STA-0240/ DeceptiveDevelopment/ Famous Chollima/ Void Dokkaebi, among others) using EtherHiding, embedding encrypted payloads in smart contracts on decentralised networks ...

StratosAlly

Latest News

Zero-Day Attacks Hit Oracle E-Business Suite, Threatening Sensitive Data

Oracle’s E-Business Suite has come under attack due to two serious security flaws, CVE-2025-61882 (exploited in live attacks, lets hackers execute code remotely) and CVE-2025-61884 ...

StratosAlly

Latest News

Huntress Detects SonicWall VPN Breach Wave Amid Credential Compromise Surge

Huntress has raised an alert over a wave of unauthorized logins targeting SonicWall SSL VPN devices, saying more than 100 VPN accounts across 16 customer ...

StratosAlly

Latest News

Microsoft Tracks Active Exploitation of GoAnywhere Flaw, Ransomware Groups on the Move

Microsoft Threat Intelligence has attributed active exploitation of a critical deserialization bug in Fortra’s GoAnywhere Managed File Transfer (MFT) to a cybercriminal affiliate it tracks ...

StratosAlly

Latest News

Discord Users Affected in Third-Party Support Breach

Discord has revealed that a recent security incident at one of its third-party support providers exposed personal details for a small group of users. The ...

StratosAlly

Latest News

A Single Malicious Link Can Hijack Perplexity’s AI Browser, Researchers Warn

Perplexity’s Comet browser can be turned into a silent data thief with a single click, researchers say. Security team LayerX today published a proof-of-concept they ...

StratosAlly

Latest News

OneLogin OIDC Client Secrets Exposed via Apps API (CVE 2025 59363)

A serious security flaw has been discovered in One Identity’s OneLogin platform. In earlier versions, 2025.3.0, the system accidentally exposed OIDC client secrets through its ...

StratosAlly

Latest News

Cisco ASA Zero-Days Used to Deploy RayInitiator, LINE VIPER

The U.K. NCSC and Cisco warn that a state-linked campaign exploited recently disclosed Cisco firewall flaws in zero-day attacks to deploy two novel implants, RayInitiator ...

StratosAlly

Latest News

New PlugX Variant Targets Telecom and Manufacturing Networks Across Central and South Asia

A new variant of the PlugX remote access trojan (RAT), also known as Korplug or SOGU, is being deployed in an ongoing cyber campaign against ...

StratosAlly

Latest News

AWS Outage Disrupts Massive Global Internet Services

UNC5342 Turns Ethereum and BSC into Immutable Malware Hosts

Zero-Day Attacks Hit Oracle E-Business Suite, Threatening Sensitive Data

Huntress Detects SonicWall VPN Breach Wave Amid Credential Compromise Surge

Microsoft Tracks Active Exploitation of GoAnywhere Flaw, Ransomware Groups on the Move

Discord Users Affected in Third-Party Support Breach

A Single Malicious Link Can Hijack Perplexity’s AI Browser, Researchers Warn

OneLogin OIDC Client Secrets Exposed via Apps API (CVE 2025 59363)

Cisco ASA Zero-Days Used to Deploy RayInitiator, LINE VIPER

New PlugX Variant Targets Telecom and Manufacturing Networks Across Central and South Asia

community

Join the community to Stay Updated with the Latest Cybersecurity Trends