Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2025-61882: Oracle E-Business Suite Under Mass Exploitation by Cl0p Ransomware

CVE-2025-61882, a critical unauthenticated remote-code-execution (RCE) vulnerability in Oracle E-Business Suite (EBS), is under active exploitation in the wild by the Cl0p ransomware group. Oracle patched the vulnerability in October 2025 and has published an emergency Security Alert. Multiple security vendors attribute the attacks to Cl0p and associated ransomware extortion campaigns.

Build the SOC of the Future with Splunk and Cisco

I’m not one to blog, but speaking with clients, peers, and colleagues, I often hear statements like “SIEM is dead” or “this is the SOC of the future.” So what do they really mean? Honestly, I’m not entirely sure either — there are so many conflicting viewpoints and ways of addressing this.

CrowdStrike Named a Visionary in 2025 Gartner Magic Quadrant for Security Information and Event Management

We are thrilled to announce that CrowdStrike Falcon Next-Gen SIEM has been named a Visionary in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM). Falcon Next-Gen SIEM is reimagining SIEM with AI, real-time data, and a unified platform approach, delivering the automation, speed, and control to transform SOC operations and power the agentic SOC.

How to Protect Manufacturing from Insider Threats: 7 Key Measures

Manufacturing is the core of the global economy, yet it is the most attacked industry today. And while much of the attention falls on external attackers, an equally dangerous risk comes from within. This article explores the unique cybersecurity challenges manufacturing organizations face, shows you real-life examples of manufacturing data breaches caused by insiders, and provides seven key measures to help you build a resilient insider threat program.

The Hidden Cybersecurity Threat: Securing the Human-AI Relationship

The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored. Your workforce is no longer just human. It's a hybrid team of people, AI agents, copilots, assistants and digital partners. This creates a new and complex attack surface. The next great security challenge isn't just protecting a human from a machine.

Why Managed Detection and Response (MDR) is Now Mission-Critical

The digital landscape across Asia/Pacific (excluding Japan) (APEJ) is characterized by rapid growth in the acceptance of Managed Detection and Response (MDR), driven by a corresponding surge in cyber threats, according to IDC’s just-released report IDC MarketScape: Asia/Pacific (Excluding Japan) Managed Detection and Response Services 2025 Vendor Assessment. IDC recognized Trustwave, A LevelBlue Company, as a Leader in the report.

Inside the Crimson Collective Attack Chain - and How to Break It with Zero Standing Privileges

New details have emerged in recent weeks on how the Crimson Collective threat group has been conducting a large-scale campaign targeting Amazon Web Services cloud environments. Recent reports highlight how easily the attackers progressed once they obtained valid credentials. The Crimson Collective claims to have exfiltrated ~570 GB across ~28,000 internal GitLab projects; Red Hat has confirmed access to a Consulting GitLab instance but hasn’t verified the full scope of those claims.

Wallarm: API Security Platform of the Year 2025

2025 has been one of Wallarm’s biggest years yet. In the last few months alone, we unveiled our industry-first API Revenue Protection capability, launched our next-gen Security Edge offering, were included in the 2025 Inc. 5000 list of fastest-growing private companies in America, and announced our $55M Series C funding round. This October, we’re proud to see our dedication and our customers’ confidence recognized.

How Cybercriminal Organizations Weaponize Exposed Secrets

The threat GitGuardian has long anticipated is now a reality: criminal groups are executing systematic attacks targeting hardcoded credentials and over-permissive IAM configurations. The situation escalated when Shiny Hunters and Crimson Collective formed an alliance to coordinate efforts.