Mandiant and Google Threat Intelligence Group (GTIG) have issued a critical warning after identifying an active compromise-and-extortion campaign targeting Oracle PeopleSoft infrastructure, attributed to the notorious threat actor UNC6240, also known as ShinyHunters. The campaign exploited CVE-2026-35273, a critical unauthenticated…
Tag: EN
Microsoft Teams for Android Vulnerability Allows Attackers to Disclose Sensitive Data
Microsoft has disclosed a significant security vulnerability in Microsoft Teams for Android that could allow an authenticated attacker to expose sensitive information over a network. The flaw, tracked as CVE-2026-42835, was officially released on June 9, 2026, and has been…
New infosec products of the week: June 12, 2026
Here’s a look at the most interesting products from the past week, featuring releases from AISLE, Drata, Elastic, Filigran, IDnow, and Ridge Security. RidgeBot 7.0 automates Active Directory attack simulations for security validation Ridge Security has announced the release of…
Europe’s digital identity wallet gets its first set of standards
People across the European Union already use their phones for banking, travel, and government services. The European Digital Identity Wallet will bring those activities into one application, and the European Telecommunications Standards Institute (ETSI) has released the first standards that…
Anthropic Warns AI Risks Are Real, RoguePlanet Zero-Day Drops, Crypto Laundering Takedown
Anthropic is calling for governments to have the authority to stop deployment of advanced AI systems that pose unacceptable risks. CEO Dario Amodei points to the company’s Mythos cybersecurity model as proof that AI has become a matter of national…
France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed
Meta description: French officials are investigating a Tchap breach after an attacker claimed that 650,000 messages and 73,000 accounts were exposed via a hijacked account. The post France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed appeared first on TechRepublic. This…
CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways
CISA’s LiteLLM warning shows why AI gateways and agents need service account governance, scoped access, credential rotation, and audit trails. The post CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways appeared first on TechRepublic. This article has been indexed…
Microsoft Restricts Claude Fable 5 Access Amid AI Safety Review
Microsoft reportedly limited internal use of Claude Fable 5 while legal teams review Anthropic’s 30-day data-retention policy. The post Microsoft Restricts Claude Fable 5 Access Amid AI Safety Review appeared first on TechRepublic. This article has been indexed from Security…
South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling
South Korea fined Coupang $409 million after regulators said weak security controls led to a massive breach affecting 37.5 million accounts. The post South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling appeared first on TechRepublic.…
ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day
University of Nottingham is first of many, Shiny tells The Reg This article has been indexed from www.theregister.com – Articles Read the original article: ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest. Google’s Mandiant attributes it to the group it tracks as…
Oracle warns of security bug that hackers abused to breach 100+ companies
The tech giant warned of a security flaw that a cybercrime gang said it’s exploiting as part of a mass-hacking campaign. Google said it notified more than 100 organizations that had potentially vulnerable servers. This article has been indexed from…
SIG report: AI-generated code is linked to twice the security risk and rising technical debt
AI-supported coding has progressed from experimental to the norm in organizations, yet technical debt, security risks, and costs could be piling up much faster than anyone realizes. This is one of the key takeaways from the Software Improvement Group (SIG)…
Red Card: The 2026 FIFA World Cup Scam Landscape
Fake ticket portals, counterfeit merch, fake Panini storefronts, and deepfake gambling ads: a look into the malvertising-enabled campaigns active before the first whistle. This article has been indexed from Confiant Read the original article: Red Card: The 2026 FIFA World…
ShinyHunters Leak 40GB of University of Nottingham Student Data
ShinyHunters hackers leak 40GB of University of Nottingham personal and financial data, allegedly impacting 450,000 students and staff records. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: ShinyHunters Leak…
Grok Is Still Hosting Sexualized Deepfakes of Famous Women
A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok’s website, including nonconsensual depictions of celebrities and at least one prominent US politician. This article has been indexed from Security Latest Read the original article: Grok Is…
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft application infrastructure. The activity was observed between May 27, 2026, and June 9, 2026 and is consistent…
The prosecution gap: Why cybercrimes go unpunished
<p>Cybercrime activity is rapidly escalating as attackers continue to explore both established and novel methods to defraud victims of their assets. The “FBI Internet Crime Report 2025” logged more than one million cybercrime complaints for the first time in the…
How to build AI security guardrails without blocking innovation
<p>While adoption of AI tools has surged, security has not kept pace.</p> <p>McKinsey’s “State of AI: Global Survey 2025” found that 88% of organizations now use AI in at least one business function. IBM’s “Cost of a Data Breach Report…
ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day
University of Nottingham is first of many, Shiny tells The Reg This article has been indexed from www.theregister.com – Articles Read the original article: ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day