Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mobile banking has quickly become a way of life — whether you're transferring cash on the go, checking your balance from your wristwatch, or paying dinner bills with a QR code. But with convenience, there is risk. Cybercrooks are tuning in, testing, and coming up with more ways to get in. From synthetic identities to fake apps, the threats are imminent and continuous.

The virtual world is ever-changing, as are the cybercriminals who continue to evolve in order to circumvent even the strongest security systems. The newest threat to hit the headlines is CoffeeLoader—a second-stage payload dropper designed to bypass endpoint security tools, digital forensic tools, and EDR (Endpoint Detection and Response) tools.

Recently, a new ransomware group, Anubis, has emerged, making its presence known on Twitter. The Foresiet Threat Intel team monitored their activity and observed a new ransomware operation being advertised on their account. The group updated their profile picture and began posting about their latest breaches. Through analysis of their communication patterns and language, Foresiet has determined that the operators behind Anubis likely belong to a Russian-speaking threat group.

Over the past few days, we have been in direct contact with a hacker who goes by the alias Rose87168. He claims to have breached Oracle Cloud systems, specifically targeting Oracle WebLogic and Oracle Access Manager (OAM). The hacker has provided us with multiple files and data samples, including a tree file and a 10,000-line dataset, which allegedly contain sensitive configuration files, user authentication data, and directory structures from Oracle's infrastructure.

On March 20, 2025, a threat actor known as Rose87168 posted on the dark web, claiming to be selling breached Oracle Cloud Traditional servers along with approximately 6 million exfiltrated user records. The hacker did not mention the price for the stolen data. He alleged that critical information, including SSO (Single Sign-On) and LDAP credentials, Java Keystore (JKS) files, passwords, and authentication keys, was stolen from Oracle’s login infrastructure.

In a record-breaking transaction that reflects the increasing importance of multicloud security, Google is to acquire cloud security giant Wiz in a whopping $32 billion all-cash deal. The largest deal by Google so far, the buyout marks a seismic step ahead in its cloud security offerings. As cyber threats continue to evolve at a record pace, businesses are looking for better, AI-driven solutions to protect their cloud-based digital properties.

The newly found Windows shortcut vulnerability is now being actively exploited by state-sponsored Advanced Persistent Threat (APT) actors to execute covert malicious commands. According to new research conducted by Trend Micro's Zero Day Initiative (ZDI), the vulnerability, designated as ZDI-CAN-25373, is now being exploited by Chinese, Iranian, North Korean, and Russian threat actors for worldwide cyber espionage and data theft.

]India has emerged as the globe's number one cyberattack target, with advanced persistent threat (APT) groups and hacktivist groups escalating their cyber assaults. From denial-of-service (DDoS) attacks to high-profile data breaches, cybercriminals are exploiting vulnerabilities in India's rapidly digitizing landscape.

Cybersecurity Compliance Simplified: Governing Changing Rules and Reducing Risks cybersecurity-compliance-simplified-governing-changing-rules-and-reducing-risks Introduction With the increasing presence of sophisticated cyber threats, governments around the globe are enhancing regulations to safeguard sensitive information and key infrastructure. Not only do organizations have to be compliant with the regulations, but they also have to have sound risk management systems to safeguard their online assets.

With cybercriminals becoming increasingly more sophisticated, utilizing the latest tools such as generative AI and SaaS exploits, the cybersecurity world in 2025 appears to be more convoluted than ever before. From compromised credentials-driven SaaS attacks to social engineering-based fraud facilitated through deepfakes, CISOs need to remain ahead with insightful recommendations.