MUST READ

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

 | 

21,786 Home Cameras, No Password, No Warning

 | 

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

 | 

OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft

 | 

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

 | 

Fortinet patched a new critical FortiSandbox flaw

 | 

JDY Botnet Evolves After KV Takedown, Targets Military Networks

 | 

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

 | 

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

 | 

Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows

 | 

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

 | 

France's Government Messaging App Tchap Got Breached

 | 

Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs

 | 

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

 | 

Miasma Worm Compromises 73 Microsoft GitHub Repositories

 | 

Google fixes the fifth actively exploited Chrome zero-day of 2026

 | 

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

 | 

CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits

 | 

Meta Accuses NSO of Violating WhatsApp Court Injunction

 | 

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

 | 

CVE-2026-35273

Pierluigi Paganini June 12, 2026
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

Cyber Crime / June 12, 2026

21,786 Home Cameras, No Password, No Warning

Hacking / June 12, 2026

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

Uncategorized / June 11, 2026

OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft

Malware / June 11, 2026

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

Security / June 11, 2026