Jai Vijayan

Naperville

Independent journalist and tech content creation specialist covering data security and privacy, business intelligence, big data and data analytics

Articles

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

1 week ago | darkreading.com | Jai Vijayan

Multiple attackers are actively exploiting a recently patched Windows vulnerability that exposes authentication credentials, despite Microsoft releasing a fix for it in March. CVE-2025-24054 is an NTLM (for NT LAN Manager) hash disclosure spoofing vulnerability that Microsoft identified as being of moderate severity and something that attackers were less likely to exploit, even though it requires only minimal user interaction to trigger.
Max Severity Bug in Apache Roller Enabled Persistent Access

1 week ago | darkreading.com | Jai Vijayan

The maintainers of the Apache Roller open source blogging platform patched a maximum severity bug that allowed continued access to the app even after a user changed their password. The issue had to do with insufficient session expiration, a vulnerability that occurs when a system or app fails to invalidate an existing user's active session after a password change.
AI Code Tools Widely Hallucinate Packages

1 week ago | darkreading.com | Jai Vijayan

The tendency of code-generating large language models (LLMs) to produce completely fictitious package names in response to certain prompts is significantly more widespread than commonly recognized, a new study has shown. Researchers at the University of Texas at San Antonio (UTSA), the University of Oklahoma, and Virginia Tech recently analyzed 16 widely used code-generating LLMs and two prompt datasets to get an understanding of the scope of the package hallucination problem.
Oracle Appears to Admit Breach of 2 'Obsolete' Servers

2 weeks ago | darkreading.com | Jai Vijayan

After weeks of carefully worded denials, Oracle on April 7 appears to have notified an unknown number of its customers of a breach involving two servers containing usernames and passwords. A supposed copy of Oracle's breach notification appeared on social media this week, but the company has yet to confirm to Dark Reading whether it indeed issued the advisory to customers — or how widely disseminated it was.
Microsoft Drops Another Massive Patch Update

2 weeks ago | darkreading.com | Jai Vijayan

For the second time in 2025, Microsoft has dropped a security update stuffed with fixes for more than 100 vulnerabilities, setting up Windows admins for yet another all-hands-on-deck patching marathon. Microsoft's April Patch Tuesday update addresses 126 vulnerabilities, including a zero-day flaw that attackers are already exploiting in the wild and 11 others deemed more likely to be targeted in the future.
ToddyCat APT Targets ESET Bug to Load Silent Malware

2 weeks ago | darkreading.com | Jai Vijayan

The Chinese-speaking ToddyCat advanced persistent threat (APT) group is targeting a security vulnerability in ESET's antivirus software to silently execute malicious payloads on infected devices. Kaspersky reported the dynamic link library (DLL) search order hijacking vulnerability CVE-2024-11859 to ESET several months ago. The vendor issued a patch for it in January, before publicly disclosing the issue on April 4.
China-Linked Threat Group Exploits Ivanti Bug

2 weeks ago | darkreading.com | Jai Vijayan

A likely China-nexus cyber-espionage group is actively exploiting a vulnerability in certain versions of Ivanti's Connect Secure, Policy Secure, and ZTA gateway products to drop two dangerous new malware families on target systems. Ivanti fixed the buffer overflow flaw, CVE-2025-22457, in February and at the time characterized it as a low risk to customers.
Surge in Scans on PAN GlobalProtect VPNs Hints at Attacks

3 weeks ago | darkreading.com | Jai Vijayan

Organizations relying on Palo Alto Networks' GlobalProtect VPN for secure remote access should stay vigilant for any signs of a security breach. In recent weeks, there has been a sharp spike in scanning activity targeting the VPN's management interface, potentially signaling upcoming attacks. Security researchers at GreyNoise who first detected the activity reported nearly 24,000 unique IP addresses attempted to access the interfaces.
Oracle Cloud Users Urged to Take Action

3 weeks ago | darkreading.com | Jai Vijayan

With Oracle not budging from its denial of a breach that a growing number of security experts believe occurred, some are urging the company's cloud customers to take immediate steps to verify if their data was compromised and to protect against any resulting misuse.
Oracle Still Denies Breach as Researchers Persist

3 weeks ago | darkreading.com | Jai Vijayan

Oracle this week steadfastly continued to deny an alleged breach of its Oracle Cloud environment even as some security researchers doubled down on their analysis suggesting otherwise. The conflicting narratives could create a perplexing situation for Oracle customers, creating uncertainty about whether to take urgent security measures or trust the company's assurances that no breach occurred.