Автор: Jai Vijayan, Contributing Writer

Over the past few weeks, bad actors from different regions have been scanning devices with the VPN for potential vulnerabilities.

Although Oracle has denied its cloud infrastructure services were breached, security experts recommend Oracle customers independently verify if they were affected and take measures to reduce exposure to potential fallout.

Evidence suggests an attacker gained access to the company’s cloud infrastructure environment, but Oracle insists that didn’t happen.

Attackers don’t always need to resort to sophisticated gambits to break and enter; organizations often make it easy for them to walk right in.

More than 40% of all Internet-facing container orchestration clusters are at risk.

CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.

The sneaky malware packs capabilities for system reconnaissance as well as credential and cryptocurrency theft.

In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.

A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.

The number of zero-day vulnerabilities getting patched in Microsoft’s March update is the company’s second-largest ever.