Headlines For Security Pros
Oracle EBS Customers Hit With Extortion Demands Claiming Data Theft
A well-known ransomware gang has been exploiting a zero-day in Oracle E-Business Suite (EBS) since at least early August to steal data. Oracle has patched the flaw, and customers are urged to apply the fix immediately.
Discord Confirms Supply Chain Breach, Hackers Claim 1.5TB Of User ID Photos Exposed
Discord is contacting users to inform them that their data was accessed by an “unauthorized party” after one of its third-party customer service providers was compromised. The threat actor did not breach Discord directly, the company says, but carried out the attack on Discord’s Zendesk instance.
Fortra GoAnywhere MFT Bug Used To Deploy Medusa Ransomware
A cybercriminal group is exploiting a vulnerability in Fortra’s popular GoAnywhere file transfer tool to distribute Medusa ransomware, say researchers at Microsoft.
Red Hat Confirms Breach Of GitLab Instance
A cybercriminal gang has claimed to have stolen data from one of Red Hat’s GitLab instances, according to screenshots posted in Telegram channels. Red Hat has confirmed cybercriminals breached a GitLab environment, but has not verified the claims made by the attackers.
Scattered Spider And ShinyHunters Linked Group Demand Salesforce Pay To Protect Data
An extortion group has published a new leak site containing the data of 39 well-known brands, including Disney/Hulu, Google, Cisco, McDonald’s, FedEx, Chanel, and IKEA. They are demanding that Salesforce pay a ransom to protect these companies’ data.
More News
CISO Q&A: Nick Mistry On The Future Of AI In Cybersecurity
Nick Mistry, CISO, delves into the role of a CISO and how embracing a strategy- and technology-first approach can bolster your defensive posture.
OpenAI: State-Linked Groups Are Using ChatGPT For Malicious Campaigns
New details have emerged on how cybercriminals, and in particular state-sponsored groups, are exploiting AI to make their campaigns more efficient.
Redis Warns Of Critical “RediShell” Flaw With CVSS Of 10
Redis has released emergency patches for a severe security vulnerability that could potentially allow attackers gain full control over affected servers.
Gamers And Developers Urged To Patch Severe Unity Flaw Immediately
A cybersecurity researcher has discovered a high-severity vulnerability in Unity, one of the world’s most popular game development tools.
Kaseya Expands AI-Powered Email Security with Acquisition of INKY
Kaseya has acquired INKY, a leading AI-driven email security platform.
Renault And Dacia Group Alerts Customers Following Third-Party Data Breach
Renault and its subsidiary Dacia have notified UK customers that some personal information may have been accessed following a cyberattack on a third-party service provider.
Proofpoint’s Big Pivot: What It Means For You
Proofpoint made some big moves at its Protect 2025 event in Nashville. Here’s the lowdown for customers and partners.
Top Solutions For You
Top Business Password Managers
A single compromised password can be enough to undermine your organization’s entire security strategy. The importance of password security cannot be overstated—find the top solution for your business.
Proactively monitor network performance, detect security threats, automate routine IT tasks, and provide detailed reporting for compliance and decision-making—discover the best solutions for MSPs.
In 2025, email remains a prime target for cyberattacks, making robust email security solutions critical for businesses worldwide—view our comprehensive guide to the top email security solutions.
Discover More
Podcasts
Advertising
About Expert Insights
Expert Insights helps security and IT professionals make smarter, faster cybersecurity decisions.
Join our community, stay ahead with our podcasts, and get essential insights in our weekly newsletter. Trusted by over one million businesses.
