-
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Author: Mandiant / Google Threat Intelligence Group (GTIG)
Published: June 11, 2026
Source: https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit
Summary: Mandiant and the Google Threat Intelligence Group report a zero-day exploitation and extortion campaign by ShinyHunters (tracked as UNC6240) against Oracle PeopleSoft environments, running from May 27 to June 9, 2026. The actor exploited CVE-2026-35273, a critical (CVSS 9.8) unauthenticated…
-
Critical Windows Netlogon RCE flaw now exploited in attacks
Author: Sergiu Gatlan
Published: June 1, 2026
Source: https://www.bleepingcomputer.com/news/microsoft/critical-windows-netlogon-remote-code-execution-flaw-now-exploited-in-attacks/
Summary: BleepingComputer reports that CVE-2026-41089, a critical remote code execution vulnerability in the Windows Netlogon RPC interface, is now being exploited in attacks according to Belgium’s Centre for Cybersecurity (CCB). Rated CVSS 9.8, the flaw affects Windows servers acting as domain controllers and can be triggered…
-
Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Author: Rapid7
Published: May 29, 2026 (last updated June 3, 2026)
Source: https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/
Summary: Rapid7 reports active in-the-wild exploitation of CVE-2026-0257, an authentication bypass in the Palo Alto Networks PAN-OS GlobalProtect portal/gateway. The flaw stems from improper certificate handling in the authentication override feature: when the certificate used to encrypt authentication-override cookies is reused for…