Cybersecurity News Bytes

Rogue Ransomware Negotiators Charged in Major Crackdown Recent law enforcement action resulted in the charges brought against several rogue ransomware negotiators who allegedly acted on behalf of cybercrime victims but…

Hackers Exploit Unpatched Rounding Bug to Drain Balancer Again In early November 2025, Balancer, a popular decentralized finance (DeFi) protocol, suffered another significant loss after threat actors exploited a subtle…

A sophisticated cyberattack has recently targeted the Congressional Budget Office (CBO), resulting in potential exposure of sensitive government data. The breach raises critical concerns regarding vulnerabilities in federal digital infrastructure,…

Washington Post Data Breach Tied to Oracle Vulnerabilities The Washington Post has publicly confirmed that it was among multiple high-profile victims of a hacking campaign exploiting vulnerabilities in Oracle's suite…

CVE-2025-12058: Arbitrary File Loading and SSRF Exploitation Threat A new vulnerability, CVE-2025-12058, has surfaced, allowing attackers to perform arbitrary file loading and Server Side Request Forgery (SSRF) attacks. The flaw…

Congressional Budget Office Hacked: National Policy Implications and Technical Analysis The Congressional Budget Office (CBO) experienced a significant cyber breach, reportedly carried out by a foreign threat actor. This attack…

A critical vulnerability (CVE-2025-12058) affecting widely used web platforms enables attackers to load arbitrary files and conduct Server-Side Request Forgery (SSRF) attacks, posing significant risks to exposed organizations. The exploitation…

Critical Out-of-Bounds Write Vulnerability in WebGPU (CVE-2025-12725) Enables Remote Code Execution A newly disclosed out-of-bounds write flaw in WebGPU, tracked as CVE-2025-12725, allows remote attackers to execute arbitrary code on…

Cryptocurrency Platform Balancer Suffers Major Exploit Through Rounding Function Vulnerability Hackers successfully drained cryptocurrency from the Balancer decentralized exchange platform by exploiting a rounding function vulnerability and executing batch swap…

A series of critical cybersecurity events have unfolded in early November 2025, including the exploitation of newly discovered vulnerabilities in widely used enterprise software, innovative attacker tradecraft that bypasses traditional…