Apache Camel Exploit Attempt by Vulnerability Scans

A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans

https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt%20by%20Vulnerability%20Scan%20%28CVE-2025-27636%2C%20CVE-2025-29891%29/31814

New Security Requirements for Certificate Authorities

Starting in July, certificate authorities need to verify domain ownership data from multiple viewpoints around the internet. They will also have to use linters to verify certificate requests.

https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html

Possible Oracle Breach

Oracle still denies being the victim of a data berach as leaked data may show different.

https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a

https://www.theregister.com/2025/03/30/infosec_news_in_brief/

https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist