Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On October 11, 2025, Oracle released an emergency fix for a high-severity information disclosure vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61884. The flaw exists in the Runtime UI component of Oracle Configurator and allows remote unauthenticated threat actors to access sensitive resources. Oracle has not confirmed a link between this vulnerability and the extortion emails received by some Oracle EBS customers from the Cl0p ransomware group in recent weeks.

Job scam texts are blowing up phones everywhere, and they’re only getting sneakier. Stay one step ahead by keeping the fakes out, and help keep your information safe with Avast Mobile Security. You’re in line for coffee when your phone buzzes: “Hi! We reviewed your profile for a remote job. $1,200/week, no experience needed! Text YES to learn more.” Looks tempting at first glance, right? But if your scam radar isn't going off yet, it should be.

A new report warns of a significant spike in SMS phishing (smishing) scams targeting younger Americans between 18 and 29 years old. The report, released by Consumer Reports, Aspen Digital and the Global Cyber Alliance, also found that 30 percent of people who experienced a cyberattack or scam this year said it began over a text message or a messaging app, compared to 20 percent last year.

Job-related scams surged by more than one thousand percent between May and July 2025, according to new research from McAfee. Job seekers are particularly vulnerable to scams, since they’re expecting to receive unsolicited messages and are more likely to overlook red flags. The researchers offer the following advice to help users avoid falling for these attacks: The researchers conclude that awareness is an essential layer of defense against social engineering attacks.

We’ve come a long way. We’ve deconstructed the problem, explored the complexity of humans, and laid out a strategic framework and a practical map—all of which can be explored in more detail in our Human Risk Management (HRM) whitepaper. Now for the final piece of the puzzle: the engine. A strategy this dynamic and personalised can't run on spreadsheets and manual effort alone. It needs to be powered by an intelligent, integrated platform.

The Digital Operational Resilience Act (DORA) is a legislative measure of the European Union designed to enhance the digital operational resilience of financial institutions. It has been in effect since January 17, 2025. Drafted to ensure that banks, insurance companies, and other financial intermediaries, as well as stock exchanges and trading platforms, can withstand, respond to, and recover from ICT (Information and Communication Technology) disruptions.

TL;DR: Aikido now integrates with Secureframe. Vulnerability data syncs automatically so SOC 2 Type 2 and ISO 27001:2022 evidence stays accurate. 16 tests and 5 controls handled for you. Secureframe makes it easier to run SOC 2, ISO 27001, HIPAA and PCI DSS programs. But compliance tools only work if the data inside them is accurate. Too often, teams end up exporting CSVs, uploading reports, or sharing screenshots that are already outdated by the time an auditor looks at them.

In the ever-evolving landscape of digital work environments, Microsoft Office 365 stands as a cornerstone for over a million global companies, as highlighted by a recent Statista report (2024). This ubiquitous tool has become indispensable for organizations navigating hybrid work models and global economies, harnessing its collaborative capabilities alongside the imperative need for robust data protection strategies.

Oracle Cloud Infrastructure (OCI) provides compute, storage, networking, and database services for running enterprise applications and workloads in Oracle. OCI supports both traditional and cloud-native applications, offering scalable, secure, and high-performance infrastructure for hybrid and multi-cloud environments. Securing workloads in OCI can be complex for organizations managing a mix of on-prem, hybrid, and cloud environments.

SRE Day SF shows why dashboards alone do not defend anything. Explore paths to better telemetry, progressive delivery, and resilience that customers can feel.