Security Bulletin

The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers.

This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said.

Advancements in vision language models expanded models reasoning capabilities to help protect employee safety.

Millions of hours wasted in traffic and unacceptable fatality rates are challenges transportation agencies face globally. At the recent ITS World Congress, Cisco showcased how we're powering Intelligent Transportation Systems for a safer, greener...

We continue to encounter high-profile vulnerabilities related to the use of URL mapping (or "aliases") with URL-based access control. Last week, we wrote about the Oracle Identity Manager vulnerability. I noticed some scans for an older vulnerability...

As enterprises race to deploy generative AI, the real challenge lies not in building models, but in operationalizing them at scale. A unified infrastructure—like Cisco AI PODs with Red Hat OpenShift AI—provides the foundation organizations need to...

See how Cisco is helping mobile operators improve visibility, protect traffic at high speed, and keep security consistent from core to edge.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

YARA-X's 1.10.0 release brings a new command: fix warnings.

Wireshark release 4.6.1 fixes 2 vulnerabilities and 20 bugs.

In a repeat of similar attacks during the summer, threat actors affiliated with the ShinyHunters extortion group used a third-party application to steal organizations' Salesforce data.

In a potential gift to geopolitical adversaries, the encrypted messaging app uses a leaky custom protocol that allows message replays, impersonation attacks, and sensitive information exposure from chats.