Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Quick Takeaways
- Oracle urgently patched a critical vulnerability (CVE-2025-61882, score 9.8) in its E-Business Suite, exploited in Cl0p ransomware attacks, allowing unauthenticated remote code execution.
- The flaw affects the Oracle Concurrent Processing component, enabling attackers to take control via HTTP without needing login credentials.
- Cl0p exploited multiple vulnerabilities, including those patched in Oracle’s July 2025 updates and the recent CVE-2025-61882, stealing large amounts of data from targets.
- Organizations are urged to assess their systems for compromises, as widespread zero-day exploitation indicates ongoing threats from threat groups like LAPSUS$ and Cl0p.
The Issue
Recently, Oracle released a critical security update to address…
Essential Insights
- The Cl0p ransomware group has been exploiting a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite, leading to extortion attempts against customers.
- Oracle issued a security alert confirming the in-the-wild exploitation of this critical remote code execution flaw affecting the Business Intelligence Publisher component.
- Reports indicate Cl0p targeted vulnerabilities patched in the July 2025 Oracle CPU, although Oracle’s official statements were initially ambiguous about their use in attacks.
- Patches for CVE-2025-61882 and related vulnerabilities are available, but no public proof-of-concept exploits have been released as of October 2023.
The Issue
Recently, the Cl0p ransomware group targeted Oracle E-Business Suite…
Fast Facts
- Oracle issues a critical security alert for CVE-2025-61882, a zero-day vulnerability in Oracle E-Business Suite (versions 12.2.3-14), with a CVSS score of 9.8, enabling unauthenticated remote code execution.
- The flaw has been actively exploited by the Clop ransomware gang in August 2025 to steal data, using an exploit leaked by the "Scattered Lapsus$ Hunters," which includes Python scripts to execute commands or open reverse shells.
- Oracle has released urgent patches after confirming the vulnerability’s exploitation, but initial links tied the attacks to vulnerabilities patched in July 2025, now clarified to include the recently discovered zero-day.
- The exploit was…
Essential Insights
- Managing Non-Human Identities (NHIs) is essential for cloud security, as they underpin automated processes and access management critical to sectors like healthcare, finance, and travel.
- Effective NHI lifecycle management—covering discovery, classification, monitoring, and decommissioning—helps prevent security gaps and unauthorized access.
- Collaboration between security and development teams is vital to integrate NHI security measures seamlessly into workflows, reducing vulnerabilities.
- Leveraging advanced AI and automation technologies enhances NHI security, enabling proactive threat detection and efficient management aligned with broader cybersecurity strategies.
Underlying Problem
The story reports on the critical importance of managing Non-Human Identities (NHIs) within organizational cybersecurity frameworks, especially…
Fast Facts
- Non-Human Identities (NHIs) and Secrets Security Management are crucial for protecting machine identities and sensitive data, especially in cloud and regulated industries like healthcare and finance.
- Effective NHI management involves a lifecycle approach—discovery, classification, threat detection, and remediation—to prevent vulnerabilities and ensure continuous security.
- Challenges such as system complexity, volume of secrets, and human error necessitate automation, Zero Trust architectures, and ongoing staff education for robust security.
- Future cybersecurity will increasingly leverage AI, machine learning, and strategic partnerships to enhance NHI management, predict threats, and uphold data integrity and compliance.
What’s the Problem?
The story details how organizations,…
Essential Insights
- Ineffectiveness of training: Peer-reviewed studies show that compulsory cybersecurity training and phishing tests do not significantly reduce click rates or improve incident reporting, making them largely futile and costly.
- Costly compliance, poor impact: Organizations spend millions on CBTs and phishing exercises, often without measurable benefits, while these approaches can damage morale, reduce performance, and foster a tick-box culture.
- Misleading assurance: Despite mandatory training, organizations often rely on superficial metrics and a false sense of security, risking severe consequences when actual cyber threats exploit these gaps.
- Better approaches possible: Focusing on engaging, employee-friendly strategies, aligning incentives, and measuring real behaviors…
Top Highlights
- Community Repositories Risks: Tools like Chocolatey and Winget are vital for IT patching, but they carry risks such as outdated packages and lack of security signatures, echoing issues seen in other ecosystems like NPM.
- Expert Insights: Gene Moody emphasizes the need to critically assess community repositories, advocating for practical guardrails to maintain safety while fostering speed in deployment.
- Key Security Practices: Participants will learn to implement security measures like source pinning and hash verification to mitigate risks associated with community-driven code.
- Patch Management Strategy: The session will equip attendees to prioritize patches effectively, balance using community versus vendor…
Top Highlights
- ParkMobile settled a $32.8 million class action lawsuit related to a 2021 data breach that exposed the information of 22 million users, including personal and vehicle details.
- Affected users are entitled to a $1 in-app credit, which can be used for up to four transactions, but must be claimed manually with a limited-time promo code, expiring mostly by October 8, 2026.
- The settlement emphasizes that ParkMobile denies wrongdoing and that the settlement is solely to resolve the dispute; users had to submit claim forms by March 5, 2025, to receive the full compensation.
- Post-settlement, ParkMobile warns users of…
Quick Takeaways
- Hackers compromised a third-party customer support system on September 20, stealing limited user data, including personally identifiable information, government ID images, and partial payment details, demanding a ransom.
- The breach impacted some Discord users who interacted with support, with data such as names, emails, contact info, IP addresses, messages, attachments, and minor billing info being exposed.
- The attack was claimed by the SLH threat group via Zendesk breach, with an image showing access to Discord employees’ admin controls; Discord responded quickly by revoking access and engaging forensic and law enforcement support.
- Industry experts warn that if leaked, the…
Summary Points
- Growing Attack Surface: Modern enterprises face an expanding attack surface due to cloud sprawl, shadow IT, and dynamic configurations, leading to overwhelming security challenges.
- Dynamic Attack Surface Reduction (DASR): DASR represents the evolution of preemptive cybersecurity, utilizing context and automation to continuously minimize entry points and enhance defenses beyond static measures.
- Bitdefender PHASR: The introduction of Bitdefender PHASR exemplifies DASR, providing automated hardening against attacks that exploit existing configurations and access vulnerabilities.
- Actionable Insights for Leaders: The webinar equips IT and security leaders with strategies for effective exposure management, emphasizing safe automation, real-world applications, and measurable impact to…