Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On March 20, 2025, a threat actor known as Rose87168 posted on the dark web, claiming to be selling breached Oracle Cloud Traditional servers along with approximately 6 million exfiltrated user records. The hacker did not mention the price for the stolen data. He alleged that critical information, including SSO (Single Sign-On) and LDAP credentials, Java Keystore (JKS) files, passwords, and authentication keys, was stolen from Oracle’s login infrastructure.

On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had suffered a data breach. According to published reports, the attacker claimed that 6 million customer records were exfiltrated from Oracle's SSO and LDAP systems. The threat actor behind the post is allegedly offering to sell the data, providing multiple purchasing options based on company name, hashed credentials, and other sensitive information.

On March 14, 2025, a critical supply chain attack targeted the widely used GitHub Action tj-actions/changed-files. This action, utilized in over 23,000 repositories, was compromised when attackers injected malicious code, causing CI/CD pipeline secrets to be exposed in GitHub Actions logs. This breach raised serious concerns regarding the security of GitHub Actions and the importance of implementing robust security measures in CI/CD workflows.

We’re excited to share that 11:11 Systems has once again earned a prestigious 5-Star Rating in the CRN Partner Program Guide—marking our eighth consecutive year! This recognition highlights our commitment to helping partners grow with the right tools, training, and support to navigate today’s complex IT landscape.

The latest iteration of the Cybersecurity Maturity Model Certification (CMMC) just came into force, and there is much to discuss about how security professionals can get up to speed on meeting its requirements.

Depending on the size of your organization, its needs, industry regulations and security risks, how often you review privileged access can vary. However, a best practice for most organizations is to review privileged access quarterly to maintain a strong security posture. Continue reading to learn more about the importance of reviewing privileged access regularly, best practices and how KeeperPAM streamlines privileged access reviews.

Security leaders in the life sciences and health technology fields know how important it is to safeguard sensitive data like protected health information (PHI), personally identifiable information (PII), and confidential research data. They also know what’s at stake with a security breach or data exfiltration event. But what’s not always clear is how to find the right solution to keep all that data safe.

According to Salt Security's 2024 State of API Security Report, 80% of API attacks attempt to exploit one or more OWASP API Security Top 10 vulnerabilities. Yet, only 58% of organizations prioritize protection against these well-known threats. This gap leaves many businesses exposed to cyber risks that could have been prevented. Investing in API testing tools helps safeguard your mobile application ecosystem against evolving threats.

Securing a Higher Education Campus remains a significant challenge. There is a direct conflict between the open collaborative nature of our advanced institutes of learning and the perennial need to lock down all sources and targets of cyber threats. For example, in an EDUCAUSE survey, it identified cybersecurity as the number one IT issue for universities in 2024, reflecting the immense pressure on security teams.

On March 11, 2025, a supply chain attack targeting the widely used GitHub Action reviewdog/action-setup@v1, leading to the exposure of sensitive CI/CD secrets across multiple repositories. The attack was identified by Wiz Research, which determined that this compromise played a pivotal role in the tj-actions/changed-files incident (Wiz, 2025).