Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A critical vulnerability (CVE-2025-61882) has been identified in Oracle E-Business Suite, specifically impacting the Concurrent Processing component through its BI Publisher Integration. This widely used enterprise resource planning platform is deployed across finance, HR, procurement, and other critical business functions, making any compromise potentially devastating.

Organizations are faced with an increasingly complex and rapidly evolving threat environment. Cybersecurity plays a vital role in governance, risk management, and compliance (GRC), serving as a critical safeguard against emerging threats. As organizations integrate robust cybersecurity measures within their GRC frameworks, they are better positioned to protect their data, maintain operational integrity, and ensure compliance with regulatory requirements.

For months now, journalists and cybersecurity experts, including UpGuard, have been following the movements of the hacker collective “Scattered Lapsus$ Hunters,” a sort of supergroup of the already well-known cybercriminal entities ShinyHunters, Scattered Spider and Lapsus$. Now, this collective has launched a website where they can extort payment from entities in return for delisting and deleting their data.

Organizations across the globe are witnessing an unprecedented pace of transformation. In the ever-evolving landscape of governance, risk management, and compliance (GRC), staying ahead of change is more critical than ever. Successful companies are embracing dynamic change management policies to integrate GRC seamlessly into their strategic operations. The landscape of GRC is evolving.

As businesses expand, so do their lists of third-party vendors—and with them, the number of risk factors and complexity. This increase means that security analysts are often overwhelmed by a growing number of vendor risk assessments. However, completing an assessment alone isn’t enough; its value depends on how effectively the results are communicated.

Securing your applications couldn’t be more important in today’s fast-moving world of software development. Organizations face mounting pressure to deliver innovative software at an accelerated pace, yet this speed must never compromise security. This is where DevSecOps becomes crucial. With threats constantly getting smarter, developers need effective tools to write secure code right from the start.

When a fast-scaling digital bank began seeing widespread employee adoption of generative AI tools like ChatGPT and Gemini, their security team faced a growing dilemma: how do you protect sensitive data without shutting down innovation?

Despite having modern DLP and CASB tools in place, they lacked the behavioural insights and real-time context needed to guide employee use of GenAI tools. Shadow AI use was growing, and SecOps lacked clear visibility into which incidents required intervention.