CISA has added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
CrowdStrike Insider Helped Hackers Falsely Claim System Breach
The company has confirmed that it terminated an insider who shared screenshots of his computer with cybercriminals.
The post CrowdStrike Insider Helped Hackers Falsely Claim System Breach appeared first on SecurityWeek.
Microsoft Highlights Security Risks Introduced by New Agentic AI Feature
Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation.
The post Microsoft Highlights Security Risks Introduced by New Agentic AI Feature appeared first on SecurityWeek.
Mazda Says No Data Leakage or Operational Impact From Oracle Hack
The Cl0p ransomware group has listed Mazda and Mazda USA as victims of the Oracle EBS campaign on its leak website.
The post Mazda Says No Data Leakage or Operational Impact From Oracle Hack appeared first on SecurityWeek.
Spanish Airline Iberia Notifies Customers of Data Breach
The company has notified its customers of the incident roughly a week after a threat actor claimed the theft of 77GB of data from Iberia’s systems.
The post Spanish Airline Iberia Notifies Customers of Data Breach appeared first on SecurityWeek.
146,000 Impacted by Delta Dental of Virginia Data Breach
Names, Social Security numbers, ID numbers, and health information were stolen from a compromised email account.
The post 146,000 Impacted by Delta Dental of Virginia Data Breach appeared first on SecurityWeek.
Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims
More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers.
The post Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims appeared first on SecurityWeek.
In Other News: ATM Jackpotting, WhatsApp-NSO Lawsuit Continues, CISA Hiring
Other noteworthy stories that might have slipped under the radar: surge in Palo Alto Networks scanning, WEL Companies data breach impacts 120,000 people, AI second-order prompt injection attack.
The post In Other News: ATM Jackpotting, WhatsApp-NSO Lawsuit Continues, CISA Hiring appeared first on SecurityWeek.
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.
The post Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day appeared first on SecurityWeek.
Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise
The number of participants in the cyber and physical grid security exercise increased by nearly 50% compared to two years ago.
The post Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise appeared first on SecurityWeek.