SEC should avoid ‘overly prescriptive’ AI rules, acting chair says
Dive Brief: Acting Securities and Exchange Commission Chairman Mark Uyeda on Thursday called for a softer agency approach to artificial intelligence regulation, reflecting a broader…
Category: CyberSecurityDive
Cybersecurity firms brace for impact of potential Oracle Cloud breach
Information security firms are taking measures to protect customers and their own networks as they wait for official guidance following claims of a massive attack…
Solar power gear vulnerable to remote sabotage
Solar inverters made by three of the world’s largest manufacturers were found vulnerable to remote sabotage that could have produced large-scale power outages. Researchers from…
Threat actor in Oracle Cloud breach may have gained access to production environments
Dive Brief: Security researchers are analyzing a 10,000-line dataset provided by a hacker who claimed to have breached Oracle Cloud. The threat actor claimed to…
Ransomware gangs increasingly brandish EDR bypass tools
Dive Brief Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as “EDR killers,” which can disrupt and even delete extended detection and…
FCC investigating China-linked companies over evasion of US national security measures
The Federal Communications Commission on Friday said it is investigating whether companies aligned with the People’s Republic of China are still selling banned equipment or…
Researchers back claim of Oracle Cloud breach despite company’s denials
Dive Brief: Security researchers said they confirmed a breach of Oracle Cloud after a previously unknown threat actor posted an offer to sell more than…
Critical vulnerabilities put Kubernetes environments in jeopardy
Dive Brief: Wiz researchers on Monday disclosed the technical details of four critical vulnerabilities — CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974 — for Ingress NGINX Controller…
Russian threat actor weaponized Microsoft Management Console flaw
A prolific Russian threat actor is exploiting a zero-day flaw in the Microsoft Management Console (MMC) framework to execute malicious code on targeted systems in…
DrayTek routers face active exploitation of older vulnerabilities
Dive Brief: Researchers warn that three older vulnerabilities in DrayTek routers have been actively exploited in recent weeks, which coincides with widespread reports of devices…
Critical Apache Tomcat RCE vulnerability exploited
Dive Brief: Researchers from GreyNoise on Thursday reported active exploitation of CVE-2025-24813, a critical remote code execution vulnerability in Apache Tomcat web server software. The path…
How ASPM gives you control over complex architectures
As organizations embrace more dynamic and complex application architectures—such as microservices, hybrid cloud infrastructures, and rapid CI/CD pipelines—securing these environments becomes increasingly difficult. Many security…