criticalNation-State & APT
Nation-State Activity Roundup: Oracle Critical RCE, North Korean IT Worker Infiltration, Dark Web Takedown
Oracle released emergency patches for a critical unauthenticated RCE vulnerability in Identity Manager (CVE-2026-21992, CVSS 9.8). Meanwhile, a US soldier received sentencing for helping North Korean IT workers infiltrate companies using stolen identities, highlighting ongoing DPRK revenue generation tactics.
Security Affairs, The Record
oraclercenorth-korea
🇺🇸Oracle Data Cloud