Threat actor in Oracle Cloud breach may have gained access to production environments
Dive Brief: Security researchers are analyzing a 10,000-line dataset provided by a hacker who claimed to have breached Oracle Cloud. The threat actor claimed to…
Category: CyberSecurityDive
Ransomware gangs increasingly brandish EDR bypass tools
Dive Brief Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as “EDR killers,” which can disrupt and even delete extended detection and…
FCC investigating China-linked companies over evasion of US national security measures
The Federal Communications Commission on Friday said it is investigating whether companies aligned with the People’s Republic of China are still selling banned equipment or…
Researchers back claim of Oracle Cloud breach despite company’s denials
Dive Brief: Security researchers said they confirmed a breach of Oracle Cloud after a previously unknown threat actor posted an offer to sell more than…
Critical vulnerabilities put Kubernetes environments in jeopardy
Dive Brief: Wiz researchers on Monday disclosed the technical details of four critical vulnerabilities — CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974 — for Ingress NGINX Controller…
Russian threat actor weaponized Microsoft Management Console flaw
A prolific Russian threat actor is exploiting a zero-day flaw in the Microsoft Management Console (MMC) framework to execute malicious code on targeted systems in…
DrayTek routers face active exploitation of older vulnerabilities
Dive Brief: Researchers warn that three older vulnerabilities in DrayTek routers have been actively exploited in recent weeks, which coincides with widespread reports of devices…
Critical Apache Tomcat RCE vulnerability exploited
Dive Brief: Researchers from GreyNoise on Thursday reported active exploitation of CVE-2025-24813, a critical remote code execution vulnerability in Apache Tomcat web server software. The path…
How ASPM gives you control over complex architectures
As organizations embrace more dynamic and complex application architectures—such as microservices, hybrid cloud infrastructures, and rapid CI/CD pipelines—securing these environments becomes increasingly difficult. Many security…
Coinbase originally targeted during GitHub Action supply chain attack
Dive Brief: The threat actors in the GitHub Action supply chain attack were targeting Coinbase as part of their initial wave, according to a report…
Medusa ransomware using malicious driver as EDR killer
A Medusa ransomware campaign is using a malicious driver to disrupt and even delete endpoint detection and response (EDR) products on targeted organization networks. According…
Cisco Smart Licensing Utility flaws under attack
Dive Brief: Johannes Ullrich of the SANS Internet Storm Center reported exploitation attempts this week against two critical Cisco vulnerabilities that were initially disclosed in…