For providers

Have you ever given two seconds of thought to a browser notification? No? That's what hackers bent on phishing are counting on.

Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October 21st.

The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.

As policymakers confront new cybersecurity challenges from emerging technologies like AI and quantum computing, an urgent threat hides in plain sight—end-of-Life (EoL) technology beyond its supported … Read more on Cisco Blogs

As global networks face escalating threats, Cisco is strengthening resilient infrastructure by setting secure defaults, eliminating legacy risks, and empowering proactive defense.

Outdated technology is building up in critical infrastructure and posing growing risk of malicious exploitation.

Build the specialized skills to design, deploy, and manage AI-ready data center infrastructure.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

A second zero-day vulnerability in its web application firewall (WAF) line has come under attack, raising more questions about the vendor's disclosure practices.