Found 24 articles
Dartmouth College has confirmed a significant data breach involving the theft of over 226 Gb of files by cybercriminals. This incident highlights the increasing risks associated with data security in educational institutions and raises concerns about the potential exposure of sensitive information.
Canon has reported that one of its subsidiaries has been affected by the Oracle EBS hack, which has resulted in over 100 alleged victims being listed on the Cl0p ransomware website. This incident highlights the significant impact of the Oracle EBS campaign and raises concerns about the security of affected organizations.
The article highlights the exploitation of CVE-2025-61757, which follows a breach of Oracle Cloud and an extortion campaign targeting Oracle E-Business Suite customers. This indicates a significant security threat that could impact numerous organizations relying on Oracle's services.
CISA has confirmed the exploitation of a vulnerability in Oracle Identity Manager, identified as CVE-2025-61757, which has been added to its Known Exploited Vulnerabilities catalog. This indicates a significant security risk for organizations using the affected systems, necessitating immediate attention to mitigate potential breaches.
Mazda has been identified as a victim of the Cl0p ransomware group's Oracle EBS campaign, but the company asserts that there has been no data leakage or operational impact from the incident. This situation highlights the ongoing threat posed by ransomware groups targeting enterprise systems.
Cox has confirmed a significant data breach involving Oracle EBS, with over 1.6 terabytes of data reportedly stolen and made public by cybercriminals. This incident highlights the severity of cybersecurity threats faced by organizations and the potential exposure of sensitive information for numerous alleged victims.
The Hacker News
CISA has identified a critical security vulnerability in Oracle Identity Manager, classified as CVE-2025-61757, which is actively being exploited. This vulnerability involves missing authentication for a critical function, posing significant security risks.
A critical unauthenticated remote code execution vulnerability, identified as CVE-2025-61757, has been discovered in Oracle Identity Manager. This flaw poses significant risks as it may be exploited as a zero-day, allowing attackers to execute arbitrary code without authentication.
All CISA Advisories
CISA has added CVE-2025-61757, a critical vulnerability in Oracle Fusion Middleware, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal networks, prompting CISA to urge timely remediation by all organizations to mitigate potential cyberattacks.