CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Ars Technica
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
“While several organizations successfully blocked the activity or remediated the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters DLS,” Mand ...
-
The Hacker News
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Ve ...
-
The Hacker News
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ...
-
security.nl
'ShinyHunters misbruikte sinds 27 mei zerodaylek in Oracle PeopleSoft'
De criminele groepering ShinyHunters heeft sinds 27 mei misbruik gemaakt van een kritieke kwetsbaarheid in Oracle PeopleSoft waar op het moment van de aanvallen nog geen patch voor beschikbaar was, zo ...
-
TheCyberThrone
Oracle PeopleSoft Zero-Day Exploited by ShinyHunters — 100+ Organizations Breached
CVE-2026-35273 | CVSS 9.8 | Critical | Zero-Day | Active ExploitationOverviewOracle’s PeopleSoft enterprise platform has been the target of a large-scale, coordinated mass-compromise campaign carried ...
-
The Hacker News
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hard ...
-
The Hacker News
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. " ...
-
The Hacker News
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leverag ...
-
TheCyberThrone
Ivanti June 2026 — Vulnerability Advisory Deep Dive
CVE-2026-10520 | Ivanti Sentry | CVSS 10.0 — OS Command InjectionVulnerability class: CWE-78 — OS Command InjectionAttack vector: Network | No authentication | No user interactionThe flaw resides in t ...
-
Google Cloud
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft applicati ...