Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. The compromise occurred in August, but the company didn’t detect the intrusion until late September, when it launched its internal investigation. “On September 29, 2025, […]
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. CVE-2025-61757 is a pre-authentication RCE vulnerability in Oracle Identity Manager, discovered and disclosed by Searchlight Cyber analysts Adam Kues and Shubham Shahflaw. The flaw stems […]
Grafana warns of max severity admin spoofing vulnerability
Grafana Labs is warning of a maximum severity vulnerability (CVE-2025-41115) in its Enterprise product that can be exploited to treat new users as administrators or for privilege escalation. The issue is only exploitable when SCIM (System for Cross-domain Identity Management) provisioning is enabled and configured. Specifically, both ‘enableSCIM’ feature flag and ‘user_sync_enabled’ options must be […]
CrowdStrike catches insider feeding information to hackers
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. However, the company noted that its systems were not breached as a result of this incident and that customers’ data was not compromised. “We identified […]
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. The ruling came in January 2025 and took effect immediately under the Communications Assistance for Law Enforcement Act (CALEA), in response to Salt Typhoon’s breaching multiple […]
‘Scattered Spider’ teens plead not guilty to UK transport hack
Two British teenagers have denied charges related to an investigation into the breach of Transport for London (TfL) in August 2024, which caused millions of pounds in damage and exposed customer data. Believed to be members of the Scattered Spider hacking collective, 19-year-old Thalha Jubair from east London and 18-year-old Owen Flowers from Walsall were arrested at their homes […]
Google exposes BadAudio malware used in APT24 espionage campaigns
China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. Since 2022, the malware has been delivered to victims through multiple methods that include spearphishing, supply-chain compromise, and watering hole attacks. Campaign evolution From November 2022 until at least September 2025, APT24 […]
Hacker claims to steal 2.3TB data from Italian rail group, Almaviva
Data from Italy’s national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization’s IT services provider, Almaviva. The hacker claims to have stolen 2.3 terabytes of data and leaked it on a dark web forum. According to the threat actor’s description, the leak includes confidential documents and sensitive company information. […]
GlobalProtect VPN portals probed with 2.3 million scan sessions
Malicious scanning activity targeting Palo Alto Networks GlobalProtect VPN login portals has increased 40 times in 24 hours, indicating a coordinated campaign. Real-time intelligence company GreyNoise reports that activity began climbing on November 14 and hit its highest level in 90 days within a week. “GreyNoise has identified a significant escalation in malicious activity targeting Palo Alto […]
Salesforce investigates customer data theft via Gainsight breach
Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted that this doesn’t stem from a vulnerability in its customer relationship management (CRM) platform since all evidence points to the malicious activity being related to the app’s external connection […]