Oracle warns of security bug that hackers abused to breach 100+ companies

The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign.

Oracle warns customers of critical PeopleSoft attack after hundreds of servers hacked by ...

High-severity CVSS 9.8 PeopleSoft vulnerability caused over 100 organizations to become victims, including universities.

Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations

The ShinyHunters hacking gang claims to have compromised the Oracle PeopleSoft servers of more than 100 organizations, ...

Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.
CSO Online

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to ...

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.
The Hacker News

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

CVE-2024-21182 entered CISA's KEV catalog after active exploitation evidence, requiring federal patching by June 4, 2026.

Oracle CSPU: 35 Security Updates in May

In the overview of the CSPU in May 2026, Oracle developers write that they are addressing 35 vulnerabilities in various ...
ZDNet

Oracle to 'sinner' customers: Reverse engineering is a sin and we know best

When I first read an online rant by Oracle chief security officer Mary Ann Davidson, I pinged the software provider's PR, asking if the blog post was legitimate. While I'm yet to receive a response, ...