Security Pulse

Custom illustration showing Oracle Identity Manager servers at the center of an enterprise identity map, with CVE-2025-61757 highlighted as an active remote code execution path.

Oracle Identity Manager CVE-2025-61757 RCE: Deadline and Risk

yohanmanuja3 months ago3 months ago08 mins

CVE-2025-61757 is a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager’s REST APIs that CISA now lists as actively exploited. By abusing a security filter bypass and a Groovy compilation endpoint, attackers can run arbitrary code on identity-tier servers over HTTP. This article explains the exploit chain, CISA’s KEV deadline and how Oracle shops should patch, monitor and lock down their Identity Manager deployments.

A split-screen comparison showing NGAV as a shield blocking a threat, and EDR as a tool investigating a threat that is already inside a computer system, illustrating the difference for small businesses

EDR vs Antivirus for Small Business: What to Buy in 2025

yohanmanuja3 months ago3 months ago210 mins

NGAV (next-gen antivirus) focuses on stopping malware and exploits with AI and behavior analysis. EDR adds continuous visibility, investigation, and one-click response when prevention misses. For most SMEs, start with a strong NGAV baseline and move to EDR as soon as you can support alerts and response especially if ransomware or hands-on-keyboard attacks worry you. …

Futuristic IDE view showing GPT-5.1 Codex as an autonomous coding agent connected to a secure pipeline

GPT-5.1 Codex: Long-Horizon AI Agents Meet Enterprise Security

yohanmanuja3 months ago3 months ago18 mins

GPT-5.1 Codex-Max can now code independently for hours inside terminals, IDEs and Windows environments. That jump from helper to autonomous coding agent dramatically changes the threat model, turning AI-generated patches, permissions and pipelines into first-class security concerns.

Iran-aligned phishing campaign targeting US policy experts via prefilled Microsoft 365 portals and RMM persistence

Iran-Linked Phishing Hits US Policy Experts with M365 and RMM

yohanmanuja3 months ago3 months ago14 mins

Iran-aligned operators ran a precise phishing campaign against US policy experts. They impersonated scholars, redirected victims to prefilled Microsoft 365 pages, and, when blocked, installed remote-access tools. The goal: long-term visibility into policy drafts, research, and contacts—achieved through identity abuse, inbox rules, and pragmatic persistence.

Harrods Warns Customers of Data Breach Involving Third-Party Provider

yohanmanuja5 months ago5 months ago23 mins

Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.

WhatsApp Enumeration Reveals Global User Directory Exposure

yohanmanuja3 months ago3 months ago28 mins

A WhatsApp API flaw allowed researchers to enumerate 3.5 billion accounts by abusing weak rate-limiting in the contact-discovery endpoint, exposing global phone-number mappings and public profile metadata that adversaries could weaponize for large-scale phishing, impersonation and SIM-swap attacks.

Windows Event Logs highlighting security visibility challenges in enterprise environments

Windows Event Logs Reveal Enterprise Security Blind Spots

yohanmanuja1 month ago1 month ago13 mins

Windows Event Logs reveal the operational challenges of enterprise security monitoring, exposing gaps caused by noise, inconsistency, and real-world configuration limitations.

Nefilim ransomware affiliate arrest involving Ukrainian hacker tied to major extortion attacks

Nefilim Ransomware Affiliate Pleads Guilty After Capture

yohanmanuja2 months ago2 months ago06 mins

A Ukrainian hacker has pled guilty in the Nefilim ransomware affiliate arrest, confirming his role in targeted extortion campaigns. This article examines the investigation, attack methods, and the broader implications for enterprise cybersecurity teams.

Chinese APT router hijacking diagram showing EdgeStepper on a router redirecting software updates to a PlushDaemon command server

Chinese PlushDaemon APT Turns Routers into Software Traps

yohanmanuja3 months ago3 months ago28 mins

A China-aligned threat group known as PlushDaemon runs a Chinese APT router hijacking campaign that implants EdgeStepper on vulnerable routers, reroutes software-update traffic for popular Chinese-language applications and delivers the SlowStepper espionage toolkit through trusted update channels, turning routine network gear into an adversary-in-the-middle platform.

Whisper Leak side-channel showing packet size and timing revealing AI chat topics on encrypted streams

Side-Channel on Streaming AI: Whisper Leak and the Real Fixes

yohanmanuja3 months ago3 months ago05 mins

Encrypted doesn’t mean invisible. Microsoft’s “Whisper Leak” shows a passive observer can classify AI chat topics by watching packet sizes and timing on streaming language models. Here’s how the side-channel works, who can exploit it, and which mitigations actually move the needle.

Understanding the AEM OGNL Remote Code Execution Flaw

Europe Moves Away From Big Tech Companies Toward Local Tech

Indirect Prompt Injection: How AI Agents Get Hijacked

Exploit Published for Sudo CVE-2025-32463 Urgent Patch Needed

Google sues China-based Lighthouse smishing network

Romanian Waters Agency Battles Outage After Ransomware Strike

Oracle Identity Manager CVE-2025-61757 RCE: Deadline and Risk

EDR vs Antivirus for Small Business: What to Buy in 2025

GPT-5.1 Codex: Long-Horizon AI Agents Meet Enterprise Security

Iran-Linked Phishing Hits US Policy Experts with M365 and RMM

Harrods Warns Customers of Data Breach Involving Third-Party Provider

WhatsApp Enumeration Reveals Global User Directory Exposure

Windows Event Logs Reveal Enterprise Security Blind Spots

Nefilim Ransomware Affiliate Pleads Guilty After Capture

Chinese PlushDaemon APT Turns Routers into Software Traps

Side-Channel on Streaming AI: Whisper Leak and the Real Fixes