Over Security

Over Security

33608 bookmarks
Custom sorting
Nissan discloses employee data breach linked to Oracle zero-day attacks
Nissan discloses employee data breach linked to Oracle zero-day attacks
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.
·bleepingcomputer.com·
Nissan discloses employee data breach linked to Oracle zero-day attacks
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
The National Association of Insurance Commissioners (NAIC) says the ShinyHunters extortion group stole only publicly available data, outdated logs, and configuration files after breaching its systems by exploiting a zero-day vulnerability in an Oracle PeopleSoft server.
·bleepingcomputer.com·
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
Kali Linux 2026.2 Release (GNOME 50, KDE 6.6, Helper Scripts, APT Formats & VM Boot Tweaking)
Kali Linux 2026.2 Release (GNOME 50, KDE 6.6, Helper Scripts, APT Formats & VM Boot Tweaking)
It’s the final week of Q2, and Kali Linux 2026.2 is here - right on schedule ;) We have been heads down since our last release, and we are ready to share what we have been working on. This release is a mix of desktop refreshes, infrastructure improvements, and quality-of-life changes that we think you will appreciate.
·kali.org·
Kali Linux 2026.2 Release (GNOME 50, KDE 6.6, Helper Scripts, APT Formats & VM Boot Tweaking)
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia's intelligence and military services.
·bleepingcomputer.com·
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
Critical SimpleHelp flaw exploited to deploy new stealer malware
Critical SimpleHelp flaw exploited to deploy new stealer malware
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux.
·bleepingcomputer.com·
Critical SimpleHelp flaw exploited to deploy new stealer malware
Agentic AI Has an Identity Problem and Attackers Know It
Agentic AI Has an Identity Problem and Attackers Know It
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security.
·bleepingcomputer.com·
Agentic AI Has an Identity Problem and Attackers Know It
Flash Alert: From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Flash Alert: From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 2025 Cyjax reported on a campaign using this method again, impersonating various IT tools. We observed a similar campaign in […]
·thedfirreport.com·
Flash Alert: From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Key Takeaways This case was first reported to customers in a threat brief released in July 2025 and in a public flash alert in August 2025 in partnership with Swisscom B2B CSIRT, which observed another intrusion tied to the same campaign. This report contains data from both intrusions. We plan to release a DFIR Labs […]
·thedfirreport.com·
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
ChatGPT Enterprise e IA generativa in azienda: gli obblighi tra normative, proprietà intellettuale e cyber
ChatGPT Enterprise e IA generativa in azienda: gli obblighi tra normative, proprietà intellettuale e cyber
Il recente intervento del Garante Privacy nei confronti della start-upMyndoor dimostra che l'introduzione di ChatGPT Enterprise in azienda è ormai un tema giuridico e organizzativo, e non più solo tecnologico. Ecco le misure di governance necessarie per coniugare innovazione, tutela dei lavoratori, protezione dei dati e cyber
·cybersecurity360.it·
ChatGPT Enterprise e IA generativa in azienda: gli obblighi tra normative, proprietà intellettuale e cyber
Hackers now exploit critical Oracle E-Business flaw in attacks
Hackers now exploit critical Oracle E-Business flaw in attacks
Attackers have begun exploiting a critical vulnerability (CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused.
·bleepingcomputer.com·
Hackers now exploit critical Oracle E-Business flaw in attacks
Webinar: Why business email compromise attacks keep succeeding
Webinar: Why business email compromise attacks keep succeeding
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate response workflows.
·bleepingcomputer.com·
Webinar: Why business email compromise attacks keep succeeding