BleepingComputer.com

"Barts Health NHS discloses data breach after Oracle zero-day hack."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 06 December 2025, 1514 UTC.

Content and Source:  "BleepingComputer.com."

URL-- https://www.bleepingcomputer.com/

Please check URL or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Latest Articles

• 
   
  Deals

  Block ads for the whole family for life for only $16 in this AdGuard deal

  Adguard is a user-friendly tool that helps you get rid of ads that other blockers miss, and it works for the whole family. Right now, an AdGuard Lifetime Family Plan is also on sale for only $15.97 (reg. $169.99).

  • BleepingComputer Deals
   
  • December 06, 2025
   
  • 08:12 AM
   
  •  0
• 
   
  Security, Healthcare

  Barts Health NHS discloses data breach after Oracle zero-day hack

  Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software.

  • Bill Toulas
   
  • December 05, 2025
   
  • 01:55 PM
   
  •  0
• 
   

  New Webinar: How phishing attacks evolved in 2025 

  This year, we've seen a huge amount of phishing evolution, with new techniques, toolkits, and delivery methods identified every day.

  Register for the webinar to get the latest insights from Push Security analysing key stats, getting hands-on with phishing kits, and sharing case studies from the field.

  • Push Security Sponsorship
• 
   
  Security

  FBI warns of virtual kidnapping scams using altered social media photos

  The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams.

  • Sergiu Gatlan
   
  • December 05, 2025
   
  • 11:37 AM
   
  •  1
• 
   
  Security

  A Practical Guide to Continuous Attack Surface Visibility

  Passive scan data goes stale fast as cloud assets shift daily, leaving teams blind to real exposures. Sprocket Security shows how continuous, automated recon gives accurate, up-to-date attack surface visibility.

  • Sprocket Security
   
  • December 05, 2025
   
  • 10:00 AM
   
  •  0
• 
   
  Security

  EU fines X $140 million over deceptive blue checkmarks

  The European Commission has fined X €120 million ($140 million) for violating transparency obligations under the Digital Services Act (DSA).

  • Sergiu Gatlan
   
  • December 05, 2025
   
  • 09:41 AM
   
  •  4
• 
   
  Security

  Cloudflare blames today's outage on React2Shell mitigations

  Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.

  • Sergiu Gatlan
   
  • December 05, 2025
   
  • 08:53 AM
   
  •  0
• 
   
  Security

  Pharma firm Inotiv discloses data breach after ransomware attack

  American pharmaceutical firm Inotiv is notifying thousands of people that they're personal information was stolen in an August 2025 ransomware attack.

  • Sergiu Gatlan
   
  • December 05, 2025
   
  • 08:05 AM
   
  •  0
• 
   
  Deals

  InfoSec4TC lifetime cybersecurity training is now $53 in this deal

  InfoSec4TC offers a workaround. Their Platinum Membership unlocks lifelong access to a massive catalog of cybersecurity courses and exam prep, including all current and future courses and programs. And for a limited time, you can get it for $52.97, instead of the usual $280.

  • BleepingComputer Deals
   
  • December 05, 2025
   
  • 07:11 AM
   
  •  0
• 
   
  Security

  Critical React2Shell flaw actively exploited in China-linked attacks

  Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed.

  • Bill Toulas
   
  • December 05, 2025
   
  • 06:26 AM
   
  •  1
• 
   
  Technology, Software

  Cloudflare down, websites offline with 500 Internal Server Error

  Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare is investigating the reports.

  • Mayank Parmar
   
  • December 05, 2025
   
  • 04:12 AM
   
  •  2
• 
   
  Security

  Hackers are exploiting ArrayOS AG VPN flaw to plant webshells

  Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users.

  • Bill Toulas
   
  • December 04, 2025
   
  • 06:05 PM
   
  •  0
• 
   
  Security

  NCSC's ‘Proactive Notifications’ warns orgs of flaws in exposed devices

  The UK's National Cyber Security Center (NCSC) announced the testing phase of a new service called Proactive Notifications, designed to inform organizations in the country of vulnerabilities present in their environment.

  • Bill Toulas
   
  • December 04, 2025
   
  • 05:21 PM
   
  •  0
• 
   
  Security

  Predator spyware uses new infection vector for zero-click attacks

  The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin" that compromised specific targets when simply viewing a malicious advertisement.

  • Bill Toulas
   
  • December 04, 2025
   
  • 03:47 PM
   
  •  0
• 
   
  Security

  Russia blocks FaceTime and Snapchat for alleged use by terrorists

  Russian telecommunications watchdog Roskomnadzor has blocked access to Apple's FaceTime video conferencing platform and the Snapchat instant messaging service, claiming they're being used to coordinate terrorist attacks.

  • Sergiu Gatlan
   
  • December 04, 2025
   
  • 02:12 PM
   
  •  0
• 
   
  Deals

  Create compliance docs with this $40 governance & cybersecurity bundle

  Get the Ultimate ISO & Cybersecurity Toolkit Mega Pack, a complete set of 168 templates designed to help organizations quickly align with major international standards.

  • BleepingComputer Deals
   
  • December 04, 2025
   
  • 02:06 PM
   
  •  0
• 
   
  Security

  CISA warns of Chinese "BrickStorm" malware attacks on VMware servers

  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring VMware vSphere servers with Brickstorm malware.

  • Sergiu Gatlan
   
  • December 04, 2025
   
  • 01:19 PM
   
  •  0
• 
   
  Security, Government

  Contractors with hacking records accused of wiping 96 govt databases

  U.S. prosecutors have charged two Virginia brothers arrested on Wednesday with allegedly conspiring to steal sensitive information and destroy government databases after being fired from their jobs as federal contractors.

  • Sergiu Gatlan
   
  • December 04, 2025
   
  • 11:30 AM
   
  •  4
• 
   
  Security

  Critical React, Next.js flaw lets hackers execute code on servers

  A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.

  • Bill Toulas
   
  • December 04, 2025
   
  • 10:11 AM
   
  •  0
• 
   
  Security

  How strong password policies secure OT systems against cyber threats

  OT environments rely on aging systems, shared accounts, and remote access, making weak or reused passwords a major attack vector. Specops Software explains how stronger password policies and continuous checks for compromised credentials help secure critical OT infrastructure.

  • Specops Software
   
  • December 04, 2025
   
  • 10:11 AM
   
  •  0
• 
   
  Microsoft

  Microsoft 365 license check bug blocks desktop app downloads

  ​Microsoft is investigating and working to resolve a known issue that prevents customers from downloading Microsoft 365 desktop apps from the Microsoft 365 homepage.

  • Sergiu Gatlan
   
  • December 04, 2025
   
  • 08:18 AM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

View More