The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included new vulnerabilities in its Known Exploited Vulnerabilities catalog, specifically targeting the KNX Protocol Connection Authorization Option 1 from the KNX Association and various flaws related to Oracle products. This update is crucial as it indicates that these vulnerabilities could be actively exploited by attackers, posing risks to organizations using affected systems. The inclusion of these vulnerabilities serves as a warning to IT departments and security teams to prioritize patching and mitigation efforts. Notably, CISA also added vulnerabilities from SonicWall and Microsoft to the catalog, emphasizing the ongoing need for vigilance in cybersecurity practices. Companies should review their systems and apply necessary updates to safeguard against potential attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies address a serious vulnerability in the Oracle E-Business Suite by Saturday. This flaw is being actively exploited in the wild, posing risks to financial operations managed through the software. Agencies are urged to take immediate action to protect their systems from potential attacks that could compromise sensitive financial data. The urgency of this directive reflects the critical nature of the vulnerability and the potential impact on government operations if left unaddressed.
The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. The first, CVE-2023-4346, affects the KNX Protocol Connection Authorization Option 1, which has an overly restrictive account lockout mechanism, making it a target for attackers. The second, CVE-2026-46817, involves improper privilege management in Oracle E-Business Suite. These vulnerabilities pose significant risks, particularly to federal agencies, which are required by CISA's Binding Operational Directive 26-04 to prioritize rapid remediation of high-risk vulnerabilities. While this directive specifically applies to federal agencies, CISA encourages all organizations to adopt similar practices. Organizations that identify exploited vulnerabilities not listed in the KEV Catalog can submit them for potential inclusion.
Last week, vulnerabilities in SimpleHelp and Oracle EBS Payments were actively exploited. The SimpleHelp flaw allows attackers to gain unauthorized access to systems, posing a serious risk to users of the remote support software. Meanwhile, a vulnerability in Oracle's EBS Payments system has also come under attack, potentially compromising financial data for organizations using this enterprise resource planning software. These incidents emphasize the growing challenges in securing software, particularly as companies increasingly integrate AI features, which often introduce new vulnerabilities. Organizations relying on these systems need to prioritize patching and monitoring to protect sensitive information.
Nissan Americas has been impacted by a significant data breach linked to a zero-day vulnerability in Oracle’s PeopleSoft software, identified as CVE-2026-35273. This vulnerability has led to a series of attacks, with researchers connecting it to a group known as UNC6240, which is believed to be exploiting the weakness. The breach raises serious concerns about the security of sensitive employee information and operational data within Nissan Americas and potentially other organizations using the same software. As attackers continue to exploit this vulnerability, affected companies must act quickly to secure their systems and protect their data from further unauthorized access.
A serious vulnerability, identified as CVE-2026-46817, has been discovered in Oracle E-Business Suite, allowing remote attackers to gain unauthorized access to Oracle Payments. This flaw has a high severity rating of 9.8 on the CVSS scale and is currently being exploited in real-world attacks, according to cybersecurity firm Defused Cyber. Organizations using Oracle E-Business Suite need to be particularly vigilant, as this vulnerability can lead to significant financial and operational risks. The situation is critical, and immediate action is necessary to protect sensitive payment information and other related data from unauthorized access. Users and administrators should prioritize addressing this vulnerability to mitigate potential breaches.
A serious vulnerability affecting Oracle E-Business Suite, identified as CVE-2026-46817, is currently being exploited by attackers. This flaw, which has a CVSS score of 9.8, relates to improper privilege management and authentication issues in Oracle Payments. If exploited, this vulnerability could allow unauthorized users to take control of affected instances, posing a significant risk to organizations using the software. The situation calls for immediate attention, as the vulnerability is actively being targeted in the wild. Companies using Oracle E-Business Suite should prioritize addressing this flaw to protect their systems and data from potential breaches.
Hackers are actively exploiting a serious vulnerability, identified as CVE-2026-46817, in the Oracle E-Business Suite (EBS) financial application. This flaw poses a significant risk to businesses using the software, as it allows unauthorized access to sensitive financial data. Threat intelligence firm Defused reported that the attacks are already underway, making it crucial for organizations to take immediate action to protect their systems. Users of Oracle EBS should prioritize updating their software and implementing any available security patches to mitigate the risk of exploitation. The urgency of this situation highlights the ongoing need for vigilance in cybersecurity practices, especially for widely used enterprise applications.
A data breach has occurred at the National Association of Insurance Commissioners (NAIC) after attackers exploited a zero-day vulnerability in Oracle Peoplesoft. This breach allows unauthorized access to the IT systems used by the NAIC, which plays a crucial role in setting standards for the US federal insurance framework. The incident raises serious concerns about the security of sensitive information within the insurance sector, as the NAIC handles critical data that impacts consumers and insurance providers alike. The exploitation of this vulnerability serves as a stark reminder of the ongoing risks associated with software used in government and financial sectors. Stakeholders need to be vigilant and assess their systems for potential vulnerabilities to prevent similar incidents in the future.
The National Association of Insurance Commissioners (NAIC) has confirmed that it was the target of a cyberattack claiming a massive data theft of 3.1TB. The breach was linked to a zero-day vulnerability in Oracle PeopleSoft, a widely used enterprise resource planning software. The hacking group ShinyHunters has taken responsibility for the incident, raising concerns about the security of sensitive data within the insurance sector. As a result, companies using Oracle PeopleSoft should assess their systems and consider implementing necessary security measures to protect against such vulnerabilities. This incident highlights the ongoing risks associated with software vulnerabilities and the importance of timely patches and updates.
Oracle has rolled out its June 2026 Critical Security Patch Update, addressing a total of 245 vulnerabilities across various products, including Communications, E-Business Suite (EBS), and Enterprise Manager. This update is crucial as it aims to protect users from potential exploitation of these vulnerabilities, which could lead to unauthorized access or data breaches. The large number of patches indicates a significant risk across multiple platforms, making it essential for organizations using these products to apply the updates promptly. By doing so, they can safeguard their systems against possible attacks that may target these weaknesses. Users are encouraged to review the specific patches applicable to their environments and implement them as soon as possible to enhance their security posture.
A significant vulnerability in Oracle's ERP software has been exploited by hackers, particularly impacting American universities. The group known as ShinyHunters took advantage of this flaw to steal large amounts of sensitive data from these institutions. This incident raises concerns about the security of educational data, as universities often hold a wealth of personal and financial information about students and staff. The exploitation of this zero-day vulnerability emphasizes the need for organizations to regularly update their software and implement strong security measures to protect against such attacks. As this situation unfolds, affected universities must respond quickly to mitigate the damage and secure their systems.
Oracle has announced a significant change to its security update process, set to take effect in May 2026. The company will introduce a monthly Critical Security Patch Update (CSPU) that aims to deliver smaller, more targeted fixes for security vulnerabilities. This new approach will complement the existing quarterly Critical Patch Updates (CPUs), which will continue to include all fixes from previous CSPUs. The shift to monthly updates is designed to make it easier for organizations to apply critical security fixes promptly. This change is particularly relevant for companies managing their own deployments, as it emphasizes the need for timely updates in an ever-evolving cybersecurity landscape.
Oracle has released a significant update, patching 481 vulnerabilities across 28 of its product families. Among these, over 300 patches address remotely exploitable flaws that do not require authentication, making them particularly concerning for users. This update is part of Oracle's April 2026 Critical Patch Update (CPU), which aims to enhance security for its various software products. Users of Oracle software should prioritize applying these patches to protect their systems from potential attacks. The vulnerabilities could allow attackers to exploit systems without needing any user credentials, which increases the urgency for swift action.
A recent study by CloudSEK has found that attackers quickly took advantage of a serious remote code execution (RCE) vulnerability in Oracle WebLogic the same day that exploit code became available. This flaw poses a significant risk to organizations using affected versions of WebLogic, as it allows malicious actors to execute arbitrary code on compromised servers. The rapid exploitation indicates that cybercriminals are closely monitoring vulnerability disclosures and acting swiftly, which raises concerns for businesses that may not have applied necessary security patches. Companies using Oracle WebLogic should prioritize updating their systems to mitigate this threat and protect sensitive data.