Oracle Confirms “Obsolete Servers” Hacked
Article link: https://www.bleepingcomputer.com/news/security/oracle-says-obsolete-servers-hacked-denies-cloud-breach/
- Oracle confirmed that a set of legacy servers was compromised but emphasized that the breach did not impact its cloud infrastructure or customer environments. The affected systems were described as “obsolete” and already scheduled for decommissioning.
- The company issued the clarification after a threat actor claimed to have breached Oracle Cloud and exfiltrated sensitive customer data. Oracle denied those allegations, stating there was no evidence of a broader intrusion.
- The incident appears to have been limited in scope, involving non-production assets. Oracle has not disclosed the specific method of compromise or what data, if any, was accessed.
- While the company asserts no customer impact, the event highlights ongoing risks associated with maintaining outdated systems. Oracle continues to investigate and monitor for any related threats.
Phishing Kits Now Vet Victims in Real-Time Before Stealing Credentials
Article link: https://www.bleepingcomputer.com/news/security/phishing-kits-now-vet-victims-in-real-time-before-stealing-credentials/
- Security researchers have discovered advanced phishing kits that now perform real-time victim validation before credential theft occurs. These kits check IP reputation, browser type, and device details to confirm target legitimacy.
- If the visitor doesn’t meet certain parameters—such as appearing to be a security researcher or bot—the phishing page displays benign content instead of a fake login prompt. This reduces detection by analysts and automated systems.
- The kits’ use of live verification shows how phishing tools are becoming more adaptive and selective, prioritizing stealth over volume. Attackers are refining their tactics to evade common monitoring techniques.
- The findings point to a growing need for behavioral analysis and dynamic email security tools. Traditional signature-based detection may miss these more sophisticated phishing campaigns entirely.
Neptune RAT Malware in Windows: Beware of YouTube & Telegram Links
Article link: https://www.maketecheasier.com/neptune-rat-malware-in-windows/
- Neptune RAT is a recently discovered remote access trojan spread via YouTube video descriptions and Telegram chats, often disguised as game cheats and capable of stealing credentials from 270+ apps.
- Once installed, the RAT enables attackers to capture browser credentials, access cryptocurrency wallets, and activate webcams. Its stealth and distribution method pose major risks to casual users.
- For users who know PowerShell, the article offers solutions for blocking Neptune RAT, such as activating PowerShell’s “Constrained Language mode” feature, which restricts an application to performing only basic tasks.
- Less technical users are urged to avoid downloading software from unverified links in video descriptions. The malware’s reach is amplified by YouTube’s massive audience.
- Technical analysis: https://www.cyfirma.com/research/neptune-rat-an-advanced-windows-rat-with-system-destruction-capabilities-and-password-exfiltration-from-270-applications/
NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue
Article link: https://securityboulevard.com/2025/04/nist-deprioritizes-pre-2018-cves-as-backlog-struggles-continue/
- NIST’s National Vulnerability Database (NVD) has officially deprioritized processing CVEs reported before 2018, citing resource limitations and a persistent backlog. This move is intended to help address more recent vulnerabilities faster.
- The NVD has been under pressure due to staffing shortages and a rapid increase in CVE submissions. Security stakeholders have voiced concern about reduced visibility into older vulnerabilities.
- While pre-2018 vulnerabilities won’t be entirely ignored, they will no longer be updated with detailed metadata or scoring unless deemed critical. This shift could impact threat modeling and patch prioritization workflows.
- Security professionals are encouraged to cross-reference multiple databases and not rely solely on the NVD. The reprioritization signals broader systemic challenges in public vulnerability tracking infrastructure.
Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots
Article link: https://thehackernews.com/2025/04/explosive-growth-of-non-human.html
- The number of non-human identities—such as API keys, service accounts, and machine tokens—has surged in modern cloud environments, creating widespread visibility gaps. GitGuardian’s 2025 report highlights this growing attack surface.
- With over 12 million hardcoded secrets found in public and private codebases, the risk posed by unmanaged non-human identities continues to escalate. Most organizations lack adequate tooling to track or revoke them.
- These secrets often go undetected in development pipelines, making them a prime target for attackers looking to pivot within cloud or CI/CD environments.
- The report urges security teams to prioritize secret management, automate discovery processes, and audit permissions regularly. As machine-to-machine communication grows, these overlooked assets demand tighter control.
- Report: https://www.gitguardian.com/state-of-secrets-sprawl-report-2025
Why CISOs Are Doubling Down on Cyber Crisis Simulations
Article link: https://www.helpnetsecurity.com/2025/04/09/ciso-cyber-crisis-simulations/
- CISOs are investing heavily in cyber crisis simulations as ransomware, data breaches, and third-party incidents become more complex. These exercises help organizations test real-time response capabilities and executive alignment.
- Simulations increasingly involve executive leadership, legal teams, and communications staff—not just technical responders. This shift reflects the broader business impact of modern cyber events.
- Organizations that practice regularly report faster containment times and fewer internal coordination issues during actual incidents. The exercises also expose gaps in tooling, authority, and crisis communications.
- Experts recommend quarterly or biannual simulations that include realistic threat scenarios. As the regulatory landscape tightens, proactive planning is becoming a critical expectation for enterprise cybersecurity leaders.
Transforming Cybersecurity into a Strategic Business Enabler
Article link: https://www.helpnetsecurity.com/2025/04/09/kevin-serafin-ecolab-cybersecurity-strategy-business/
- In an interview with Help Net Security, Kevin Serafin, VP and CISO at Ecolab, argues that cybersecurity must evolve beyond a defensive function to become a business enabler. Strategic alignment with enterprise goals is central to this shift.
- Rather than solely focusing on threat mitigation, Serafin emphasizes risk prioritization, secure innovation, and customer trust as core outcomes of mature cybersecurity programs.
- This transformation requires embedding security into digital transformation efforts and communicating cyber risk in business terms. Security teams must also demonstrate value to leadership.
- As threat landscapes evolve, organizations that treat cybersecurity as a growth enabler—not just a cost center—are better positioned to innovate and compete safely.
Stanford’s 2025 AI Index Reveals an Industry at a Crossroads
Article link: https://www.techrepublic.com/article/news-stanford-2025-ai-index/
- Stanford’s 2025 AI Index shows that global investment in AI reached a record $250 billion, but deployment remains uneven across sectors. The report highlights widening gaps between AI capabilities and governance.
- While technical breakthroughs continue, ethical and regulatory frameworks are lagging behind. The report urges more international collaboration to manage AI’s societal impact.
- The Index also tracks a rise in AI-related security threats, including automated disinformation, fraud, and model exploitation. Yet, only a fraction of organizations have dedicated AI risk governance.
- As the field matures, policymakers and technologists must balance innovation with accountability. The report presents both urgency and opportunity at this inflection point.
- Report: https://hai.stanford.edu/ai-index/2025-ai-index-report
Copyright-Ignoring AI Scraper Bots Laugh at Robots.txt, So the IETF Is Trying to Improve It
Article link: https://www.theregister.com/2025/04/09/ietf_ai_preferences_working_group/
- The Internet Engineering Task Force (IETF) has launched a new working group to improve robots.txt standards, after a surge in AI scraper bots ignoring the file’s directives. These bots harvest data from websites indiscriminately.
- Many AI training operations rely on scraped content, often without regard for copyright or publisher consent. Existing robots.txt protocols lack enforcement mechanisms or legal weight.
- The IETF initiative aims to create a machine-readable framework that clearly signals content usage permissions for AI systems. It’s also exploring how to differentiate between benign crawlers and large-scale extractors.
- Web administrators and content owners are closely watching the proposal, as the AI industry’s appetite for data continues to outpace current technical boundaries.
