Category: CyberSecurityDive

Dive Brief: Security researchers said they confirmed a breach of Oracle Cloud after a previously unknown threat actor posted an…

Dive Brief: Wiz researchers on Monday disclosed the technical details of four critical vulnerabilities — CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974…

A prolific Russian threat actor is exploiting a zero-day flaw in the Microsoft Management Console (MMC) framework to execute malicious…

Dive Brief: Researchers warn that three older vulnerabilities in DrayTek routers have been actively exploited in recent weeks, which coincides…

Dive Brief: Researchers from GreyNoise on Thursday reported active exploitation of CVE-2025-24813, a critical remote code execution vulnerability in Apache Tomcat…

As organizations embrace more dynamic and complex application architectures—such as microservices, hybrid cloud infrastructures, and rapid CI/CD pipelines—securing these environments…

Dive Brief:  The threat actors in the GitHub Action supply chain attack were targeting Coinbase as part of their initial…

A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) products…

Dive Brief: Johannes Ullrich of the SANS Internet Storm Center reported exploitation attempts this week against two critical Cisco vulnerabilities…

Dive Brief: The GitHub Action supply chain compromise that threatened the security of more than 23,000 repositories appears to be…

At least 11 state-sponsored threat groups since 2017 have been actively exploiting a Microsoft zero-day flaw allowing for abuse of…

After previously being left at the altar, Alphabet Inc. reached a deal Tuesday through its Google business to buy Wiz…