Security Flaw in Oracle E-Business Suite Exposes Multiple Organizations to Cyber Threats On October 10, 2025, a report from Google Threat Intelligence Group (GTIG) and Mandiant confirmed a significant zero-day exploitation of a security vulnerability in Oracle’s E-Business Suite (EBS) software. This flaw has potentially affected numerous organizations since its…
Critical Vulnerability in Aviatrix Controller Exploited for Malicious Activities A recently uncovered severe security vulnerability in the Aviatrix Controller, a cloud networking platform, has drawn significant attention due to its active exploitation in the wild. Security firm Wiz has reported ongoing incidents where attackers are leveraging this critical flaw to…
Targeted Attacks on Vulnerable Microsoft SQL Servers Uncovered Recent cybersecurity reports indicate that threat actors are actively exploiting vulnerable internet-facing Microsoft SQL (MS SQL) Servers as part of a disturbing new campaign. This effort aims to install the Cobalt Strike adversary simulation tool on compromised systems, revealing serious implications for…
Governance & Risk Management, Security Operations, Vulnerability Assessment & Penetration Testing (VA/PT) Pentera Acquires DevOcean to Enhance Attack Simulation and Remediation Michael Novinson (MichaelNovinson) • October 9, 2025 Amitai Ratzon, co-founder and CEO, Pentera (Image: Pentera) Pentera has announced the acquisition of DevOcean, an Israeli startup founded by a former…
Discord has reported a significant security breach involving the potential exposure of government identification images belonging to approximately 70,000 users. These IDs, which were submitted as proof of age in accordance with the platform’s usage requirements, were compromised via a third-party customer service provider. This incident highlights the growing risks…
Google Cloud has addressed a significant medium-severity security vulnerability within its platform that could potentially allow an attacker with access to a Kubernetes cluster to escalate their privileges. This flaw was associated with the Fluent Bit logging container, and Google indicated that an unauthorized user could exploit this access to…
COLUMBIA, S.C. (WIS) – Residents of Camden find themselves grappling with uncertainty after receiving alarming notifications from Sheheen, Hancock & Godwin, LLP, a local accounting firm, indicating that their personal data could have been compromised. A detailed statement posted on the firm’s website revealed that an unidentified entity downloaded sensitive…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a second vulnerability affecting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions to its Known Exploited Vulnerabilities (KEV) catalog. This decision follows the identification of ongoing exploitation of the flaw in real-world environments. The…
Recent cybersecurity developments have revealed a significant escalation in cyberattacks aimed at Ukraine, coinciding with the country’s ongoing military conflict. Cybersecurity experts from ESET and Broadcom’s Symantec have reported the emergence of a new wiper malware, identified as HermeticWiper (also known as KillDisk.NCV), which has been actively deployed against numerous…
