Автор: Jai Vijayan, Contributing Writer

Evidence suggests an attacker gained access to the company’s cloud infrastructure environment, but Oracle insists that didn’t happen.

Attackers don’t always need to resort to sophisticated gambits to break and enter; organizations often make it easy for them to walk right in.

More than 40% of all Internet-facing container orchestration clusters are at risk.

CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.

The sneaky malware packs capabilities for system reconnaissance as well as credential and cryptocurrency theft.

In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The number of zero-day vulnerabilities getting patched in Microsoft’s March update is the company’s second-largest ever.

The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities.

The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.