Summary: The cybersecurity landscape is plagued by persistent threats stemming from unpatched systems, oversights, and social engineering tactics that facilitate breaches. This report highlights significant vulnerabilities and recent breaches linked to well-known organizations and emerging threat actors. The trends illustrate a critical need for companies to prioritize security measures against increasingly sophisticated attacks.
Affected: Multiple organizations and systems including Ivanti, GitHub, and Oracle
Key points:
- UNC5221 exploited an already-patched Ivanti flaw to deploy malware, highlighting the risk of systems left unpatched.
- EncryptHub, a unique cybercriminal, operated both maliciously and legitimately and used AI in their attacks.
- Supply chain attacks traced back to compromised GitHub Actions demonstrate deep vulnerabilities in software systems.
- The emergence of new malware like Triton RAT and Arcanum illustrates the evolving tactics used by threat actors.
- Credential-based attacks are on the rise, making identity management essential for corporate security.
Source: https://thehackernews.com/2025/04/weekly-recap-vpn-exploits-oracles.html