Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Healthcare has always been one of the toughest environments for maintaining privacy. Now add AI assistants, retrieval-augmented generation, and multimodal inputs like clinical images and voice notes. Sensitive information travels farther and faster than ever before, and the fallout from a single leak can be devastating, affecting clinical, legal, and reputational aspects. The question for 2025 is simple: how do we harness the advantages of AI without compromising private health data?

LimaCharlie is opening its advanced Search feature for beta testing. For current SecOps Cloud Platform users Search brings a SIEM-like experience to their integrated security stack. For those new to LimaCharlie, our SecOps platform centralizes security tooling and third-party resources while providing limitless cloud scaling and native multi-tenancy. We also provide a free rolling year of telemetry storage.

CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications for the purposes of data exfiltration. CrowdStrike Intelligence assesses with moderate confidence that GRACEFUL SPIDER is likely involved in this campaign but cannot rule out the possibility that multiple threat actors have exploited CVE-2025-61882.

The eDiscovery landscape is undergoing a profound transformation, driven by the rapid evolution of artificial intelligence (AI). What was once a labor-intensive, manual process is now being revolutionized by technologies capable of analyzing vast volumes of data with speed, precision and insight. AI is not just a buzzword; it’s a catalyst for smarter, faster and more defensible legal workflows.

A critical vulnerability (CVE-2025-61882) has been identified in Oracle E-Business Suite, specifically impacting the Concurrent Processing component through its BI Publisher Integration. This widely used enterprise resource planning platform is deployed across finance, HR, procurement, and other critical business functions, making any compromise potentially devastating.

Pentest People is proud to announce the release of GuardNest, the next evolution of its award-winning cybersecurity platform, previously known as SecurePortal. Version 3 of the platform delivers a completely new look and feel, marking a major milestone in the company’s ongoing partnership with WorkNest and its mission to make security management simpler, smarter, and more collaborative.

AI agents are quickly becoming “first-class citizens” in financial services, mimicking human behavior and holding privileged access that rivals employees. Yet unlike people, they don’t appear on your official org chart. The financial services sector already lives in a state of constant tension: the race to adopt new technologies for a competitive edge often faces off with the duty to preserve customer trust earned over decades of reliability, regulation, and security.

On October 4, 2025, Oracle released a fix for a newly disclosed critical vulnerability, tracked as CVE-2025-61882, linked to recent extortion emails received by some Oracle E-Business Suite (EBS) customers. This vulnerability allows unauthenticated remote threat actors to achieve remote code execution and resides in the BI Publisher component of Oracle Concurrent Processing.

A new report has found that nearly 40% of security leaders believe their organizations are least prepared for phishing and other social engineering attacks, Help Net Security reports. According to the report from VikingCloud, these concerns are driven by the increasing use of AI tools to assist in cyberattacks. “Generative or agentic AI-driven phishing attacks (51%) are leadership teams’ top concern when it comes to new cyberattack techniques,” the report says.

Almost every AEC professional interacts with construction specifications from estimating to closeout, but that doesn’t mean it's easy. Locked in hard-to-use PDFs, specification documents are often a time-consuming obstacle. Egnyte’s Specifications Analyst, part of the new Project Hub, eases the pain with an intuitive interface built specifically for how AEC teams work.