CSO Online

Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree

Attackers leveraged a critical unauthenticated RCE bug to breach higher‑ed institutions, deploy stealth remote access tools, ...
InfoQ

Oracle's OpenJDK Bans Generative AI Contributions While Oracle's GraalVM Allows Them

Two related, Oracle-backed projects published opposing policies on open-source contributions created with generative AI: The ...

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.