The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted ...

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary ...
The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.
SecurityWeek

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and ...
Crypto Briefing

Oracle PeopleSoft servers targeted in data theft attacks linked to ShinyHunters

ShinyHunters, one of the most prolific data extortion gangs operating today, has been exploiting Oracle PeopleSoft servers to steal massive troves of sensitive information. The most significant known ...