ShinyHunters Breached 300 Oracle PeopleSoft Servers
ShinyHunters confirms breaching 300 Oracle PeopleSoft instances at 100+ organizations, with zero-days in play and universities hit first.
Lawsuits, patent wars, and enforcement actions.
ShinyHunters confirms breaching 300 Oracle PeopleSoft instances at 100+ organizations, with zero-days in play and universities hit first.
CFTC's prediction market rule proposes a categorical bar on war and terrorism bets, citing assassination-plot conflicts of interest.
$38B Visa-Mastercard swipe fee deal gets preliminary court nod, but the NRF says the fee cut just rolls rates back to 2023 levels.
Qilin ransomware hit a few dozen organizations through a CVSS 9.3 Check Point VPN flaw before a patch existed. Agencies have until June 11.
Colorado's DIDMCA opt-out drew an amicus coalition of FDIC, OCC, 21 state AGs, and the U.S. Chamber against it in the Tenth Circuit.
Meta caught NSO running phishing campaigns in violation of a court-ordered no-hack ban, and it's now asking a federal judge for contempt.
House Democrats say DOGE's Social Security grab may be the largest breach in U.S. history, and Iran and China had a very bad quarter too.
Silent Ransom Group sent imposters into dozens of law firm offices this year with USB drives. FBI and Mandiant filed concurrent warnings.
The FCA froze a payments firm operating in the UK, US, and Spain over money-laundering gaps and appointed court managers; hearing is June 11.
Polyfill.io reactivated in late May, hitting Toshiba, Muji, and five others with rogue login prompts two years after a Chinese entity hijacked the CDN.
CFPB converts immigration status into a Reg Z income-continuity factor, forcing lenders to audit policies built under its reversed 2023 guidance.
Darren Hughes offered free meth samples on Nemesis Market, then sold fentanyl to undercover agents five times in 2023. He got 26 years.
Barlow's qui tam suit alleges IBM concealed 56,000 APT 10 breaches from federal clients and didn't keep the logs to know what was taken.
The Supreme Court's 8-1 ruling upholds $104M in FCC fines against AT&T and Verizon for selling real-time location data to bounty hunters.
After DentaQuest didn't pay ShinyHunters, 234 GB went public: 2.6M accounts with Medicaid IDs, government IDs, and dates of birth.
Columbia's 2025 breach exposed 1.8M SSNs, and an undisclosed number of victims had no connection to the university or any warning it held their data.
New York's Champerty Fix Act cleared the Senate and faces an Assembly deadline this week, with hundreds of billions in sovereign debt at stake.
Nobitex processed 50% of Iran's crypto inflows and routed stablecoins to the Central Bank. OFAC put it on the SDN list with its chairman and CEO.
The 5th Circuit's May 28 stay put Texas SB 2420 back in force, but four-state ASAA compliance still hinges on a First Amendment ruling.
Louisiana is the 22nd state with a comprehensive privacy law, but CCPA-style thresholds and a narrower sensitive-data scope create compliance gaps.