FBI Cyber Division

The FBI and our partners have seized domains associated with BreachForums, a major criminal marketplace used by ShinyHunters, Baphomet, and IntelBroker to traffic stolen data and facilitate extortion. This takedown removes access to a key hub used by these actors to monetize intrusions, recruit collaborators, and target victims across multiple sectors. It demonstrates the reach of coordinated international law enforcement operations to impose cost on those behind cybercrime.

The FBI urges all organizations using Red Hat’s OpenShift AI platform to address a 9.9/10 security flaw. It allows an attacker with authenticated access to a low-privileged account to escalate privileges, potentially leading to stolen data, disrupted services, and complete takeover of the underlying infrastructure.   If you have OpenShift deployed in your environment, urgent action is needed to prevent exploitation. The vulnerability can be fixed by upgrading to version 2.16.3 or by following the mitigation steps described here: https://lnkd.in/eVREAyp4   𝘋𝘐𝘚𝘊𝘓𝘈𝘐𝘔𝘌𝘙: 𝘛𝘩𝘪𝘴 𝘪𝘴 𝘣𝘦𝘪𝘯𝘨 𝘱𝘳𝘰𝘷𝘪𝘥𝘦𝘥 “𝘢𝘴 𝘪𝘴” 𝘧𝘰𝘳 𝘪𝘯𝘧𝘰𝘳𝘮𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘱𝘶𝘳𝘱𝘰𝘴𝘦𝘴 𝘰𝘯𝘭𝘺. 𝘛𝘩𝘦 𝘍𝘉𝘐 𝘩𝘢𝘴 𝘯𝘰𝘵 𝘦𝘷𝘢𝘭𝘶𝘢𝘵𝘦𝘥 𝘰𝘳 𝘷𝘢𝘭𝘪𝘥𝘢𝘵𝘦𝘥 𝘵𝘩𝘪𝘳𝘥-𝘱𝘢𝘳𝘵𝘺 𝘳𝘦𝘤𝘰𝘮𝘮𝘦𝘯𝘥𝘦𝘥 𝘮𝘪𝘵𝘪𝘨𝘢𝘵𝘪𝘰𝘯𝘴

Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute code remotely over HTTP without user interaction. In plain terms: if your EBS environment is reachable on the network, and especially if it’s internet facing, it’s at risk for full compromise. This is “stop-what-you’re-doing and patch immediately” vulnerability. The bad guys are likely already exploiting it in the wild, and the race is on before others identify and target vulnerable systems. What to do right now: 1. Apply Oracle’s patch. 2. Confirm you’ve applied the October 2023 Critical Patch Update first — it’s a prerequisite. 3. Isolate or firewall EBS servers so BI Publisher/Concurrent Processing components aren’t network-exposed. 4. Review Oracle’s published IOCs and hunt. 5. Monitor your threat intel feeds — exploit activity could escalate quickly. Act quickly. Attackers have every incentive to weaponize this one fast. Find CVE info here: https://lnkd.in/e7_Vhr8A As always, if you suspect compromise, please contact your local FBI field office.

Every second, cyber threats evolve. At the FBI, we don’t just react – we pursue, we protect, and we stay ahead. Your technical expertise could stop the next big threat before it ever happens. Whether you’re in cybersecurity, digital forensics, data science, cloud or network engineering, system administration, or artificial intelligence, the FBI needs you to defend what matters most. It isn’t just information technology – it’s national security. To learn more about FBI technology career opportunities, visit https://fbijobs.gov/

You can't defend what you don't know you have. This guidance document on creating a definitive operational technology (OT) record was led by NCSC-UK and co-authored by the FBI, CISA, and other partners. It provides suggestions on how OT organizations should build, maintain, and store their systems information: https://lnkd.in/eN5ZQKAZ

At the FBI, we rise because we have the fire to go further—further than the job description, further than our comfort zone, further than what’s expected.   That fire turns experience into expertise and sets the standard for federal law enforcement. It moves us forward when others take a step back, to put country over comfort, and to hold steady when the stakes are highest.   We don’t do this work because it’s easy; we do it because it matters. Do you have the fire to go further? Become an FBI special agent. Visit FBI Jobs to learn about career opportunities https://fbijobs.gov/

Last month, a team of FBI computer experts claimed its fourth straight victory in a “capture the flag” (CTF) competition at DEF CON 33. The team competed in the CTF hosted by Blue Team Village, a dedicated space within DEF CON for network defenders and others focused on cybersecurity and incident response. CTFs challenge participants to find a text string or other piece of information (a “flag”) hidden in a computer environment that is vulnerable or already compromised. The format can be adapted for defensive or forensic purposes, also known as "blue team" competitions. These competitions draw inspiration from the latest cyber threats and simulate real-world victim engagements for FBI personnel. As the lead federal agency for investigating cyberattacks and intrusions, the FBI works hard to defend the homeland by refining our technical skills and keeping up with the adversary.

The FBI has released a PSA warning that threat actors are spoofing the FBI’s Internet Crime Complaint Center (IC3) website to steal personal information and engage in monetary scams. Click for tips to protect yourself from fake websites and avoid being scammed: https://lnkd.in/e2jdg3vP

Today, the FBI and the Department of Justice announced charges against UK national Thalha Jubair, who was arrested on Tuesday for alleged participation in a sweeping cyber extortion scheme by the Scattered Spider criminal group. Jubair and his associates were involved in approximately 120 network intrusions, which affected at least 47 US-based victims. Collectively, victims paid more than $115 million in ransom payments. https://lnkd.in/ei92bHmj

Yesterday, the FBI and the Department of Justice announced that Conor Fitzpatrick, founder of the cybercriminal marketplace BreachForums, was resentenced to three years in prison. The FBI is working tirelessly to dismantle criminal marketplaces like BreachForums, and we are pursuing the full range of actors who run these platforms. https://lnkd.in/en3mMuG2