-
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be v...
-
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaig...
-
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively ex...
-
Software Update Automatically Turns off Amazon Delivery Drivers’ AC During Dangerous Summer Heat
A new software update is turning off the AC in Amazon delivery vans after 10 minutes or 30 seconds under certain conditions.
-
A tale of two eras
In this week’s newsletter, Amy reminisces on the tech toys of their childhood, inspired by a hilarious lesson about why your digital privacy shouldn't be left on an open channel.
-
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand o...
-
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit fo...
-
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion...
-
Google can be liable for false AI Overviews, court rules
"AI can make mistakes" isn't a good enough legal defense for defamatory or incorrect AI Overviews, a German court has ruled.
-
Authorities dismantle 'AudiA6' ransomware crypto-laundering service
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. [...]
