Oracle has issued an emergency security advisory for a critical vulnerability in its PeopleSoft enterprise software that allows unauthenticated remote code execution, affecting versions 8.61 and 8.62 of the widely-used business management suite. The alert comes as the notorious ShinyHunters hacking group reportedly exploited this and other flaws to breach over 300 PeopleSoft instances across more than 100 organizations, with the education sector particularly hard hit, including a confirmed breach at the University of Nottingham. Oracle has released mitigation guidance rather than a full patch and is urging organizations to implement the fixes immediately, though the company has not explicitly confirmed zero-day exploitation despite security researchers warning about active attacks.

The hacking group OceanLotus has launched a sophisticated cyberattack campaign called FireAnt, targeting investors in Vietnam with a new piece of malware dubbed SPECTRALVIPER. The advanced persistent threat group appears to be conducting espionage operations aimed at Vietnamese financial sector professionals, marking another escalation in cyber threats facing the region's business community.

AI has significantly disrupted traditional vulnerability management systems, prompting Chief Information Security Officers to shift their budgets toward Breach and Attack Simulation platforms. The move reflects a growing recognition that conventional vulnerability scanning approaches are struggling to keep pace with AI-discovered security flaws. As AI becomes increasingly capable of identifying software vulnerabilities, organizations are investing in more dynamic testing and validation tools to better defend against these threats.

A security bulletin highlights three major developments: worm code has been leaked into the wild, an AI agent has been successfully phished, and Claude has released a patch for an action vulnerability. The bulletin also covers 28 additional cybersecurity stories, underscoring ongoing concerns about AI systems becoming both tools for and targets of security threats.

The Cybersecurity Stars Awards 2026 has announced winners across 95 categories, recognizing excellence in the field. The awards highlight the industry's focus on emerging challenges including AI-discovered software vulnerabilities, zero trust network access adoption, and the growing demand for cybersecurity risk management expertise. The recognition spans a wide range of cybersecurity disciplines as organizations continue to modernize their security approaches.

Google Cloud has launched AI Threat Defense, an autonomous cybersecurity platform designed to combat AI-powered cyberattacks in real time. The system combines Mandiant's security expertise, Wiz's cloud security capabilities, and Google's Gemini AI to continuously identify vulnerabilities, predict attack paths, and automatically generate and deploy code fixes in minutes rather than days. The platform aims to help organizations fight AI with AI by matching the speed of modern attackers with machine-speed detection, response, and remediation capabilities.

Organizations are rapidly adopting AI agents that now write the majority of code in many enterprises, but cybercriminals are exploiting this same technology to launch machine-speed attacks that overwhelm traditional manual defenses. The challenge has evolved from simply detecting threats to preventing them autonomously, as threat actors can now weaponize AI to create exploits in minutes rather than weeks, forcing companies to shift from reactive cybersecurity tools to AI-powered systems that can identify and remediate vulnerabilities at machine speed. With the ratio of AI agents to humans expected to reach 100 to 1 in large enterprises within a few years, security teams must adopt autonomous defensive systems to match the pace and scale of AI-driven cyberattacks.

A critical vulnerability in Gitea, the popular open-source self-hosted Git service, exposed over thirty thousand deployments to unauthorized access, allowing anyone on the internet to pull supposedly private container images without authentication. The flaw, tracked as CVE-2026-27771, had existed in the code for roughly four years before being patched last week in version 1.26.2, potentially exposing sensitive information like source code, secrets, and production infrastructure details. Security researchers at NoScope discovered that around four thousand of the affected instances were production systems running on major cloud platforms, raising significant concerns for organizations that self-host their development infrastructure.

France-based startup Edamame has launched a runtime security platform designed to detect when AI coding agents drift from their intended purpose and potentially cause security breaches. The system monitors agents like Cursor and Claude Desktop through six integrated layers that track divergence from developer intent and detect attack patterns such as credential harvesting and token exfiltration, while also catching supply-chain attacks that reach developer workstations through compromised packages. The platform aims to shift the security question from trusting developers to verifying that AI agents stay within their operator's original instructions during execution.

IBM and Red Hat are launching Project Lightwell, a five billion dollar initiative backed by over 20,000 engineers to systematically secure open source software across enterprise supply chains. The project will use artificial intelligence to identify and validate vulnerabilities at scale, creating an "enterprise clearinghouse" that will deliver vetted patches and security updates to businesses through commercial subscriptions. Major financial institutions including Bank of America, JPMorganChase, and Goldman Sachs are among the initial participants, reflecting widespread concern about open source security as companies increasingly rely on thousands of open source packages in their infrastructure.