09 Jul, 2026

Over 900 Oracle E-Business instances exposed to ongoing attacks

Over 900 Oracle E-Business Suite (EBS) instances have been found exposed online amid ongoing attacks exploiting a critical security flaw. The vulnerability (tracked as CVE-2026-46817) was found in the File Transmission component of EBS’s Oracle Payments product and allows malicious actors without privileges and with HTTP network access to take over vulnerable systems through low-complexity attacks. […]

2 mins read

Nissan discloses employee data breach linked to Oracle zero-day attacks

Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group. In breach notifications filed with the California Attorney General’s Office, Oracle says these data theft attacks impacted hundreds of companies and that […]

3 mins read

Hackers now exploit critical Oracle E-Business flaw in attacks

Attackers have begun exploiting a critical vulnerability (tracked as CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused. This security flaw was found in the File Transmission component of EBS’s Oracle Payments product and enables unauthenticated malicious actors with HTTP network access to take over vulnerable systems through low-complexity attacks. […]

2 mins read

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks

Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. The flaw is within Oracle PeopleSoft PeopleTools and has a CVSS base score of 9.8. “This Security Alert addresses vulnerability CVE-2026-35273 in Oracle PeopleSoft PeopleTools. Oracle PeopleSoft Enterprise Applications […]

4 mins read

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. PeopleSoft is an enterprise business software suite used by large organizations to manage business operations such as human resources, payroll, finance, supply chain management, procurement, and student administration. Yesterday, […]

3 mins read

CISA flags two-year-old Oracle flaw as actively exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. Oracle WebLogic Server is an enterprise-grade Java app server used as middleware for large, multi-tier distributed applications. Tracked as CVE-2024-21182, […]

2 mins read

Oracle pushes emergency fix for critical Identity Manager RCE flaw

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992. Oracle Identity Manager is used for managing identities and access across an enterprise, while Oracle Web Services Manager provides security and management controls for web services. In an advisory […]

2 mins read

The biggest cyber security and cyberattack stories of 2025

2025 was a big year for cyber security, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents. Some stories, though, were more impactful or popular with our readers than others. Below are fifteen of what GeekFeed believes are the most impactful cyber security topics of […]

19 mins read

Korean Air data breach exposes data of thousands of employees

Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked. Korea’s flag carrier has over 20,000 employees, a fleet of over 160 aircraft, and has reported over $11 billion in revenue after carrying more than 23 million passengers […]

3 mins read

University of Phoenix data breach impacts nearly 3.5 million individuals

The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university’s network in August. Headquartered in Phoenix, Arizona, UoPX is a private for-profit university founded in 1976 with over 100,000 enrolled students and nearly 3,000 academic staff. In early December, the university disclosed […]

3 mins read