Search

bleepingcomputer.com › news › security

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

…The script parses the /etc/hosts to identify PeopleSoft-related systems and attempts to connect to them over SSH using common PeopleSoft and Oracle administrative accounts such as 'psoft', 'oracle', and 'linuxadm…

Jun 10, 2026 · Lawrence Abrams

Top stories

bleepingcomputer.com

Why Account Takeovers Are Rising and How to Stop Them

5d ago

bleepingcomputer.com

SimpleHelp bug lets hackers create rogue remote support accounts

1w ago

bleepingcomputer.com

French govt messaging service breached in account hijacking attack

1w ago

bleepingcomputer.com

ServiceNow discloses security incident exposing customer data

1w ago

bleepingcomputer.com › news › security

Hackers bypass SonicWall VPN MFA due to incomplete patching

…SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP…

May 20, 2026 · Bill Toulas

bleepingcomputer.com › news › security

7-Eleven confirms data breach claimed by the ShinyHunters gang

…Home security giant ADT data breach affects 5.5 million people Data breach at edtech giant McGraw Hill affects 13.5 million accounts Instructure reaches 'agreement' with ShinyHunters to stop data leak…

May 19, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

GitHub disables Microsoft repos pushing password-stealing malware

…Yesterday, application security company Socket reported that it spotted a new Shai-Hulud attack over the weekend that relied on a new delivery mechanism . StepSecurity published a separate report focusing on a…

Jun 9, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Critical UniFi OS bug lets hackers gain root without authentication

…The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and…

Jun 8, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

…Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric." Cisco Catalyst SD-WAN is a software-based networking…

May 14, 2026 · Lawrence Abrams

bleepingcomputer.com › news › microsoft

Windows 11 KB5094126 & KB5093998 cumulative updates released

…This update reduces unexpected authentication blocks in Windows Hello Enhanced Sign‑in Security by resolving missing secure enrollment metadata. This update improves sign‑in behavior on the lock screen and sign‑in…

Jun 9, 2026 · Mayank Parmar

bleepingcomputer.com › news › security

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.

…The exposed data was first discovered by security researcher Bob Diachenko, who says he found a server containing what appeared to be valid Fortinet VPN credentials, including usernames, email addresses, and plaintext…

Jun 17, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

Avada Builder WordPress plugin flaws allow site credential theft

…The other security issue received the identifier CVE-2026-4798 and is an SQL injection that can be leveraged without authentication. However, exploitation is possible only if the WooCommerce e-commerce plugin…

May 15, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Chinese hackers breach REDCap servers, steal medical research

…GTIG observed a high level of operational security across this campaign, including the use of US-based residential proxy infrastructure, compromised routers, VPS, credential replay, and dedicated infrastructure for data exfiltration. Google…

Jun 15, 2026 · Bill Toulas