CyberSecurity Updates

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle on Thursday released an out-of-band advisory addressing a PeopleSoft vulnerability that can be exploited by an unauthenticated attacker for remote code execution. The security alert comes amid reports that the notorious ShinyHunters hacker group has been targeting organizations that use PeopleSoft. PeopleSoft is an integrated enterprise resource planning (ERP) software suite widely used by large organizations for managing core business functions, including HR, payroll, finance, supply chain, and campus operations. The newly disclosed vulnerability…

Read More

Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group. A graphic created and shared by The Gentlemen ransomware group administrator Hastalamuerte on Breachforums in…

Read More

Infostealers Turn Millions of Devices Into Credential Theft Machines

Hackers no longer force open the side-window when infostealers can give them a key to the front door. Infostealers have become the primary source of stolen credentials for attackers. Using these credentials is now a favored route for bad actors to access a target effectively as an invited guest. It is quicker, easier, less visible and more effective than forcing an entry. More than 11.1 million devices were infected with infostealers in 2025, reports Flashpoint.…

Read More

Cybercriminals: the ‘auditors’ you never hired

There’s one cognitive bias that we humans are prone to, and it lies at the centre of some of the challenges that cybersecurity professionals face every day. It’s known as the normalcy bias – what Dr. Lauren Braithwaite defines as “our tendency to underestimate the possibility of disaster and believe that life will continue as normal, even in the face of significant threats or crises.” It’s why people hesitate after fire alarms go off or…

Read More

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available. The software giant said in a blog post last month that both its engineers and the security community…

Read More

Microsoft Patches 200 Vulnerabilities

Microsoft’s June 2026 Patch Tuesday updates fix roughly 200 vulnerabilities discovered in the company’s products.  None of the flaws addressed this month appears to have been exploited in the wild, but three issues were publicly disclosed before Microsoft patched them. One of them is CVE-2026-49160, described as a denial-of-service (DoS) issue affecting Windows. This vulnerability is related to HTTP2/Bomb, an attack technique that could affect hundreds of thousands of websites, and which can be used…

Read More

A Security Raises $37 Million for Autonomous Offensive Security Platform

A Security emerged from stealth mode on Monday after raising $37 million in funding for its autonomous offensive security and remediation platform. The company was founded by Yossi Torati, Omer Gull, and Yuval Itzchakov. Torati, who serves as CEO, previously worked as director of enterprise security at Sygnia. Gull (CPO) and Itzchakov (CTO) held leadership roles at Hunters prior to founding A Security. A Security received funding from Lightspeed Venture Partners, Cyberstarts, Wiz CEO Assaf…

Read More

Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation

Emphere, a Seattle cybersecurity startup building an AI-driven vulnerability remediation platform, this week announced raising $2.1 million in pre-seed funding from AI2 Incubator and Outsiders Fund. The startup’s approach to vulnerability remediation falls in line with modern software development trends, where code is no longer built from scratch but assembled from open source packages, runtimes, dependencies, and OS layers. Any vulnerability in these components, Emphere says, is the shipping company’s or the vendor’s problem, even…

Read More

Opal Security Raises $23 Million for AI-Native Identity Governance

Identity governance startup Opal Security has announced raising $23 million in a new funding round that brings the total investment in the company to $59 million. The fresh round of funding was led by Greylock and Battery Ventures, with additional support from Cambium Capital. Founded in 2020, San Francisco-based Opal has built an AI-native platform that provides organizations with real-time visibility, policy-as-code, and direct control over all identities, including employees, service accounts, and AI agents.…

Read More

Lessons for life: Why children’s data is a long-term identity risk

Kids Online Your child’s first data breach may happen before they’ve even opened a bank account. Here’s how to keep their digital life safe. Phil Muncaster 03 Jun 2026  •  , 6 min. read When we talk about cybersecurity and digital safety in the context of our children, it’s often framed in one of two ways. Either it’s about inappropriate or unsafe content – of the sort that COPPA is meant to regulate in the…

Read More