Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications for the purposes of data exfiltration. CrowdStrike Intelligence assesses with moderate confidence that GRACEFUL SPIDER is likely involved in this campaign but cannot rule out the possibility that multiple threat actors have exploited CVE-2025-61882.

We are living through the fourth industrial revolution: the age of AI. Just as with the steam, electricity, and the digital revolutions that preceded it, this leap forward requires a parallel leap in security. AI is transforming how businesses operate and how adversaries attack. They are moving at machine speed, compressing the defender’s response window from weeks to mere seconds.

The widespread availability of large language models (LLMs) has driven the rapid development of generative and agentic AI applications for business use cases. These systems can reason, plan, and act autonomously, creating security risks that traditional security tools weren’t built to handle. Their popularity has widened the attack surface, both for organizations using external LLMs and those building their own GenAI applications.

CrowdStrike is introducing the Correlation Rule Template Discovery dashboard in CrowdStrike Falcon Next-Gen SIEM to help security teams discover, adopt, and operationalize high-value detection content faster than ever. Today’s organizations are under constant pressure to stay ahead of evolving adversary tactics. They’re also ingesting security telemetry from dozens of sources: cloud platforms, endpoints, network devices, identity systems, and third-party applications.

At Fal.Con 2025, I had the privilege of addressing over 8,000 cybersecurity professionals about something that’s on my mind – and should be on all of ours: how do we fundamentally reimagine security for the age of AI? We're living through the fourth industrial revolution. The first brought us steam power, the second electricity, and the third the digital age we all know and love.

CrowdStrike has been named an innovation and growth leader in the 2025 Frost Radar: Cloud Workload Protection Platforms, positioned highest on the Innovation Index among all vendors evaluated. This marks another milestone in our mission to stop breaches with the industry's most unified and comprehensive cloud security solution.

As AI becomes an integral part of how modern applications are built and deployed, it introduces new risks and new blind spots for security teams. Large language models, machine learning packages, and embedded AI services can be hidden deep in the software supply chain or running unnoticed in production. Without purpose-built visibility, organizations risk exposing sensitive data, shipping vulnerable code, or relying on models they cannot fully govern.