NAIC BREACH: SHINYUNTERS STEALS PUBLIC DATA VIA PEOPLESOFT ZERO-DAY
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
The National Association of Insurance Commissioners confirmed that the ShinyHunters extortion group breached its systems through a zero-day vulnerability in Oracle PeopleSoft. The attackers accessed only publicly available data, outdated logs, and configuration files.
■ MORE FROM THE SECURITY DESK
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.