Aggregator
Submit #773530: itsourcecode College Management System V1.0 SQL Injection [Accepted]
Navia discloses data breach affecting 2.7 million people
International joint action disrupts world’s largest DDoS botnets
US Department of Justice dismantles IoT botnet that controlled 3 million devices
No cellular service, no internet, and Telegram still works. All you need is a Raspberry Pi and a couple of radio nodes
RSAC 2026 Innovation Sandbox | Humanix: human-centered social engineering attack detection and response
AI breaks into AI: full read/write access obtained in 2 hours
CVE-2026-21992: Critical Out-of-Band Oracle Identity Manager and Oracle Web Services Manager Remote Code Execution Vulnerability
Oracle published an out-of-band security alert for a critical vulnerability in Oracle Identity Manager and Oracle Web Services Manager, following in-the-wild exploitation of a related flaw in the same component in November 2025.
Key takeaways:
- CVE-2026-21992 is a critical remote code execution vulnerability in Oracle Identity Manager and Oracle Web Services Manager with a CVSSv3 score of 9.8.
- The vulnerability is remotely exploitable without authentication, and Oracle issued an out-of-band security alert outside of its regular quarterly Critical Patch Update cycle.
- A related vulnerability in Oracle Identity Manager's REST WebServices component, CVE-2025-61757, was exploited in the wild and added to CISA's KEV catalog in November 2025.
On March 19, 2026, Oracle published an out-of-band security alert for a critical vulnerability in two Oracle Fusion Middleware products:

CVE              Description                                                    CVSSv3
CVE-2026-21992   Oracle Fusion Middleware Remote Code Execution Vulnerability   9.8

Oracle rarely issues out-of-band security alerts, reserving them for vulnerabilities that warrant attention outside of its quarterly Critical Patch Update (CPU) cycle. The next scheduled CPU is April 2026.
Analysis
CVE-2026-21992 is a remote code execution vulnerability affecting two Oracle Fusion Middleware products: Oracle Identity Manager and Oracle Web Services Manager. An unauthenticated, remote attacker could exploit this vulnerability over HTTP to achieve code execution on a vulnerable system. The vulnerability has a CVSSv3 score of 9.8.
The vulnerability affects different components in each product. In Oracle Identity Manager, the affected component is REST WebServices. In Oracle Web Services Manager, the affected component is Web Services Security.
Out-of-band advisory signals elevated risk
Oracle describes its Security Alerts as fixes "deemed too critical to wait for distribution in the next Critical Patch Update." Oracle has issued approximately 31 Security Alerts since 2010, averaging about two per year. The decision to release CVE-2026-21992 as an out-of-band Security Alert rather than waiting for the next quarterly CPU in April 2026 is significant.
This is only the second out-of-band Security Alert Oracle has issued for Oracle Identity Manager. The first, CVE-2017-10151, was a CVSS 10.0 default account vulnerability that allowed complete compromise of Identity Manager via an unauthenticated network attack.
The urgency may be related to CVE-2025-61757, a pre-authentication RCE in Oracle Identity Manager patched in Oracle’s October 2025 CPU and added to CISA's Known Exploited Vulnerabilities (KEV) catalog in November 2025.
Researchers at Searchlight Cyber published details describing CVE-2025-61757 as an authentication bypass in Identity Manager's REST WebServices component, calling it "somewhat trivial and easily exploitable by threat actors." While CVE-2026-21992 affects the same product, component and versions, Oracle has not confirmed whether the two are related. Oracle has also not disclosed whether CVE-2026-21992 has been exploited in the wild.
Historical exploitation of Oracle Fusion Middleware vulnerabilities
Oracle Fusion Middleware has six vulnerabilities in CISA's KEV catalog. Oracle has 42 total entries across all products in the catalog.
CVE              Description                                                                         Date Added
CVE-2025-61757   Oracle Fusion Middleware Missing Authentication Vulnerability (Identity Manager)    2025-11-21
CVE-2021-35587   Oracle Fusion Middleware Access Manager Takeover Vulnerability                      2022-11-28
CVE-2020-2551    Oracle Fusion Middleware WebLogic Server Vulnerability                              2023-11-16
CVE-2012-1710    Oracle WebCenter Forms Recognition Vulnerability                                    2022-05-25
CVE-2012-0518    Oracle Application Server Single Sign-On Vulnerability                              2022-03-28
CVE-2012-3152    Oracle Fusion Middleware Reports Developer Vulnerability                            2021-11-03

Proof of concept
At the time this blog post was published, there was no public proof-of-concept (PoC) available for CVE-2026-21992.
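The KEV table above is a snapshot; the question a defender keeps asking after an alert like this one is whether the new CVE has been added to the catalog yet, and which Oracle entries have landed since the last CPU was applied. The following is an added example, not code from the Tenable post or from CISA: it filters the KEV catalog's JSON feed (the keys cveID, vendorProject, product, vulnerabilityName and dateAdded are the catalog's own) for Oracle Fusion Middleware entries. SAMPLE_KEV is a constructed document whose Oracle rows carry the CVE IDs, names and dates from the table above; the "product" field values and the ExampleCorp row are assumptions, added so the filter has something to match and something to exclude.

```python
"""Check CISA's Known Exploited Vulnerabilities (KEV) catalog for Oracle Fusion Middleware entries.

Added example, not code from the original post. The live catalog is published as JSON at
KEV_URL; SAMPLE_KEV below is a constructed stand-in with the same schema so the functions
run offline. The "product" values in the sample are assumed, not copied from the live feed.
"""
import json
import urllib.request
from datetime import date

KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"

# Constructed sample: Oracle rows use the CVE IDs, names and dates from the post's table.
SAMPLE_KEV = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {"cveID": "CVE-2025-61757", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Fusion Middleware Missing Authentication Vulnerability",
         "dateAdded": "2025-11-21"},
        {"cveID": "CVE-2021-35587", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Fusion Middleware Access Manager Takeover Vulnerability",
         "dateAdded": "2022-11-28"},
        {"cveID": "CVE-2020-2551", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Fusion Middleware WebLogic Server Vulnerability",
         "dateAdded": "2023-11-16"},
        {"cveID": "CVE-2012-1710", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle WebCenter Forms Recognition Vulnerability",
         "dateAdded": "2022-05-25"},
        {"cveID": "CVE-2012-0518", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Application Server Single Sign-On Vulnerability",
         "dateAdded": "2022-03-28"},
        {"cveID": "CVE-2012-3152", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Fusion Middleware Reports Developer Vulnerability",
         "dateAdded": "2021-11-03"},
        # Constructed non-Oracle row (hypothetical ID) so the vendor filter has something to drop.
        {"cveID": "CVE-2099-0001", "vendorProject": "ExampleCorp", "product": "Example Gateway",
         "vulnerabilityName": "Constructed non-Oracle entry", "dateAdded": "2025-12-01"},
    ],
})


def fetch_kev(url: str = KEV_URL, timeout: float = 30.0) -> str:
    """Download the live catalog as a JSON string (needs network access)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def _entries(kev_json: str) -> list[dict]:
    return json.loads(kev_json)["vulnerabilities"]


def _added(entry: dict) -> date:
    return date.fromisoformat(entry["dateAdded"])


def is_in_kev(kev_json: str, cve_id: str) -> bool:
    """True once cve_id appears in the catalog; the ID comparison is case-insensitive."""
    wanted = cve_id.strip().upper()
    return any(e["cveID"].upper() == wanted for e in _entries(kev_json))


def fusion_middleware_entries(kev_json: str) -> list[dict]:
    """Oracle entries whose product field names Fusion Middleware, newest first."""
    hits = [
        e for e in _entries(kev_json)
        if e["vendorProject"].lower() == "oracle"
        and "fusion middleware" in e["product"].lower()
    ]
    return sorted(hits, key=_added, reverse=True)


def oracle_entries_added_since(kev_json: str, since_iso: str) -> list[dict]:
    """Oracle entries added on or after since_iso (YYYY-MM-DD), e.g. the date of your last CPU."""
    since = date.fromisoformat(since_iso)
    hits = [
        e for e in _entries(kev_json)
        if e["vendorProject"].lower() == "oracle" and _added(e) >= since
    ]
    return sorted(hits, key=_added, reverse=True)


if __name__ == "__main__":
    kev = SAMPLE_KEV  # replace with fetch_kev() to query the live catalog
    print("CVE-2026-21992 in KEV:", is_in_kev(kev, "CVE-2026-21992"))
    for e in fusion_middleware_entries(kev):
        print(e["dateAdded"], e["cveID"], e["vulnerabilityName"])
```

Swap SAMPLE_KEV for fetch_kev() to run against the live feed; the live catalog's product strings may differ from the assumed ones, so check the vendorProject/product values of a known entry such as CVE-2025-61757 before trusting the Fusion Middleware filter on real data.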
Solution
Oracle has released patches for the following affected products:

Affected Product              CVE              Affected Versions
Oracle Identity Manager       CVE-2026-21992   12.2.1.4.0, 14.1.2.1.0
Oracle Web Services Manager   CVE-2026-21992   12.2.1.4.0, 14.1.2.1.0

Patch details are available through the Patch Availability Document for Fusion Middleware. This Security Alert patch is separate from the October 2025 CPU that fixed CVE-2025-61757; systems that were patched for that flaw still need the CVE-2026-21992 fix.
Identifying affected systems
A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2026-21992 as they're released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.
Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets using the following query: Web Servers equals Oracle WebLogic Server
Get more information
- Oracle Security Alert Advisory - CVE-2026-21992
- Breaking Oracle's Identity Manager: Pre-Auth RCE (CVE-2025-61757)
Join Tenable's Research Special Operations (RSO) Team on Tenable Connect and engage with us in the Threat Roundtable group for further discussions on the latest cyber threats.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
Semgrep Multimodal brings AI reasoning and rule-based analysis to code security
Semgrep announced Semgrep Multimodal, a system that combines AI reasoning with rule-based analysis for detection, triage, and remediation. Its detection finds up to 8x more true positives while cutting noise by 50% compared to foundation models alone, and has already discovered dozens of zero-days at customers. Multimodal is built on Semgrep Workflows, a framework for autonomous code security – using deterministic tools and AI so security teams can encode their processes once and scale them …
The post Semgrep Multimodal brings AI reasoning and rule-based analysis to code security appeared first on Help Net Security.
ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption
ConductorOne has announced its AI Access Management product extension, a unified control plane for managing access to AI tools, agents, and MCP connections across the enterprise. The platform enables organizations to accelerate AI adoption while maintaining full visibility, policy enforcement, and compliance. As AI tools proliferate across the enterprise, organizations face a critical challenge: 75% of knowledge workers use AI tools today, and 78% bring their own, creating massive shadow AI risk. Meanwhile, only 18% …
The post ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption appeared first on Help Net Security.
One account, tens of thousands of victims. CISA sounds the alarm to avoid a repeat of the Stryker scenario
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Real-time interactive AI infrastructure: Soul plays its trump card
Bonfy ACS 2.0 helps organizations control data use in AI environments
Bonfy.AI announced Bonfy Adaptive Content Security (Bonfy ACS) 2.0, a platform built to secure enterprise content across all systems, applications, and AI agents – anywhere data moves, resides, or is processed. As organizations race to deploy copilots, custom AI apps, and increasingly autonomous AI agents, security leaders are struggling with blind spots around how these systems access, transform, and share sensitive data, gaps that legacy DLP and DSPM tools were never designed to handle. By …
The post Bonfy ACS 2.0 helps organizations control data use in AI environments appeared first on Help Net Security.
Armadin agentic attack swarm receives investment from the CIA
Hong Kong tourists sweep for hidden cameras when checking into Shenzhen hotels
According to the Hong Kong outlet Sing Tao Probe (星岛探知), with hidden-camera incidents in guest rooms on the rise, major hotels in Shenzhen have begun implementing stricter monitoring and prevention measures.
Reportedly, cases of covert filming devices being installed in hotel rooms have occurred one after another across many parts of mainland China. Some guests were filmed without their knowledge, and the footage was later sold illegally on online platforms. According to overseas media, more than 180 hotels are now believed to have been found with hidden camera devices.
In one case, a Hong Kong couple staying at a Shenzhen hotel was secretly filmed, and the video then spread widely online, turning the two into unwitting "stars" of a pornographic video. In another case, in Luohu District, a mainland couple was likewise secretly filmed and then blackmailed by criminals who used the footage as leverage, forcing them to pay 30,000 yuan in "hush money".
Today, many Hong Kong tourists bring a hidden-camera detector with them when checking into a hotel and inspect the room in meticulous detail, which reflects growing concern about personal privacy and safety during hotel stays.
(The above is a partial excerpt of the news report; the rest of the original is omitted.)
Original news link:
https://www.thestandard.com.hk/social-buzz/article/327153/
Uncle Yang: I hope that Shenzhen, which has always worked hard to keep society safe and crack down on criminal enterprises, won't see anyone put under a mountain of pressure because of this freshly published report~
So, is what this report says true?
Friends in HK, do you really carry little anti-spy-camera gadgets with you when you travel?
Could you come and share your experiences?
Also, where does everyone get their anti-spy-camera know-how from?
Douyin? Xiaohongshu? Or some YouTuber?
After all, there are far too many "anti-spy-camera masters" online these days.
Zhaojun Museum
AppViewX acquires Eos to extend identity security to AI agents and workloads
AppViewX has acquired Eos, an AI-native identity control plane for AI agents and autonomous workloads within the enterprise. By combining AppViewX's automated CLM and PKI with Eos's agentic governance and privileged access control, the platform delivers an integrated solution for AI agent and machine identity security. The acquisition accelerates AppViewX's evolution into an AI-native platform, positioning the company as a leader in securing machines, workloads, and AI agents in cloud and hybrid environments. Additionally, Archit …
The post AppViewX acquires Eos to extend identity security to AI agents and workloads appeared first on Help Net Security.