Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-11 13:00 PDT
- Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
BleepingComputer • 2026-06-11 12:39 • www.bleepingcomputer.com
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. […]
https://www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/ - New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
The Hacker News • 2026-06-11 10:46 • thehackernews.com
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs.Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a test agent on
https://thehackernews.com/2026/06/new-attacks-trick-openclaw-ai-agent.html - New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
The Hacker News • 2026-06-11 10:43 • thehackernews.com
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender.“This was an accidental discovery, it took a total of 4 hours to find this,” the researcher said in a post on Blogger. “If you ever attempted to use Windows Defender Offline Scan, you’re
https://thehackernews.com/2026/06/new-greatxml-exploit-bypasses-windows.html - The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
The Hacker News • 2026-06-11 09:50 • thehackernews.com
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis).According to a detailed report
https://thehackernews.com/2026/06/the-gentlemen-ransomware-claims-478.html - Authorities dismantle 'AudiA6' ransomware crypto-laundering service
BleepingComputer • 2026-06-11 08:55 • www.bleepingcomputer.com
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. […]
https://www.bleepingcomputer.com/news/legal/authorities-dismantle-audia6-ransomware-crypto-laundering-service/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
