Extortion

vulnerabilities 2026-06-11
Oracle Ships Out-of-Band Fix for PeopleSoft Zero-Day CVE-2026-35273 as ShinyHunters Loots 100+ Orgs
Oracle pushed an emergency alert for CVE-2026-35273, an unauthenticated CVSS 9.8 RCE in PeopleSoft PeopleTools. Mandiant confirms in-the-wild exploitation, and ShinyHunters claims data theft from 100+ organizations including the University of Nottingham.
CVE-2026-35273 oracle peoplesoft peopletools rce zero-day shinyhunters extortion
breach 2026-05-17
Grafana Refuses Ransom After CoinbaseCartel Pwn Request Attack Steals Source Code From Five Repos
Grafana Labs disclosed that CoinbaseCartel exploited a GitHub Actions pull_request_target misconfiguration to steal privileged CI tokens and pivot into five private repos. A canary token tripped the breach; the company refused the ransom demand.
grafana github-actions pwn-request pull-request-target coinbasecartel supply-chain source-code-breach extortion canary-token
breaches 2026-05-05
ShinyHunters Hits Instructure Again: 3.65TB, 275M Canvas Users, May 6 Ransom Deadline
ShinyHunters claims 3.65TB stolen from Instructure's Canvas platform — 275M users across ~9,000 institutions. Second hit in eight months. Ransom timer expires tomorrow.
shinyhunters instructure canvas-lms edtech data-breach salesforce extortion

Oracle Ships Out-of-Band Fix for PeopleSoft Zero-Day CVE-2026-35273 as ShinyHunters Loots 100+ Orgs