Ancient asteroid impacts may have done more than reshape Earth’s surface.
Get the latest international news and world events from around the world.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026–35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest.
Google’s Mandiant attributes it to the group it tracks as UNC6240, and dates the activity between May 27 and June 9. Oracle did not publish its advisory until June 10, so the bug was a zero-day the entire time.
The flaw, CVE-2026–35273, is a remote code execution bug in PeopleSoft Enterprise PeopleTools rated 9.8 out of 10. It needs no login and no user interaction, just network access over HTTP, to take over the server. If you run PeopleSoft with the Environment Management Hub reachable from outside, that is your exposure, and the immediate move is to lock those endpoints down.
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
“The group actively tracks and evaluates modern vulnerabilities, including CVE-2024–55591, CVE-2025–32433, and CVE-2025–33073, and combines them with technique-driven paths like backup and management-controller abuse and NTLM relay workflows, giving them a flexible exploitation pipeline,” Check Point said.
That’s not all. In March 2026, Hunt.io said it discovered an open directory hosted at “176.120.22[.]127:80” on the Russian bulletproof hosting provider Proton66 that exposed 126 files containing a complete ransomware operator toolkit attributed to a The Gentlemen RaaS affiliate.
This included tools for reconnaissance, privilege escalation, defense evasion, credential theft, lateral movement, persistence, and pre-encryption preparation, essentially spanning all phases of the intrusion lifecycle.
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine’s official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims.
A notice allegedly filed by multiplayer social virtual reality platform VRChat is the most recent entry in the state Attorney General’s breach disclosure database.
However, a company representative told BleepingComputer that the breach notification is fake and has been filed using the name of a fictitious employee.
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026–35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks.
The flaw is within Oracle PeopleSoft PeopleTools and has a CVSS base score of 9.8.
“This Security Alert addresses vulnerability CVE-2026–35273 in Oracle PeopleSoft PeopleTools. Oracle PeopleSoft Enterprise Applications customers may also be affected by this vulnerability,” reads a new Oracle advisory.
I watched the new Halo remake gameplay, then replayed the original to nitpick the differences
I’m going into Campaign Evolved with an open mind—expecting different, but not necessarily better. Halo Studios’ official playthrough of mission five, Assault on the Control Room, is so far confirming that impression. I watched the 28-minute video in full and then played the original mission through the MCC to refresh my memory. What follows are some notable differences and observations:
“These lights seem to be responding to our proximity and guiding us to the exit,” a new Cortana voice line says as Chief enters the first of many hexagonal control rooms. It could be a little confusing to find your way around these rooms in the originals, but l always found the flashing white arrows on the ground pointing forward to be sufficient visual guidance. Now, Cortana barks that tip into your ear so you can’t possibly miss it.
Not that you actually need to look for arrows on the ground when Campaign Evolved has added HUD waypoints that are visible at all times. This is one of several ways that Halo Studios’ is applying a modern hand-holdy lens to Combat Evolved.
Scientists discover collagen, the human body’s most abundant protein, is liquid-like inside cells
Collagen, the protein that builds skin, bones, tendons and organs, exists inside cells as a liquidlike droplet rather than the long, rigid rod seen in textbooks over the last half-century, according to a new study from the Center for Genomic Regulation (CRG) in Barcelona.
The finding, published in the Journal of Cell Biology, is the first direct observation of how the most abundant protein in the human body, which accounts for around a third of total protein mass, exists naturally inside living cells.
“Inside a cell, collagens are not rigid molecules as one had assumed. They are in fact very pliable, taking a liquid condensate form much like oil in a drop of water,” explains ICREA Research Professor Vivek Malhotra, senior author of the study at the CRG in Barcelona.
CO₂ injection reveals hidden cement chemistry behind 13% stronger early strength
One September day, it started to snow inside MIT’s Pierce Laboratory. Researchers depressurized a tank of liquid carbon dioxide (CO2), instantly freezing it and releasing solid flakes. These were blended into cement paste and pressed into disks roughly the size of a dime, each sealed with a thin layer of vegetable oil to keep water in and air out. The team trained lasers on each one, observing for the first time the transient chemical reaction that might explain why CO2-injected cement paste gains strength faster.
Injecting CO2 into cement products like concrete is one way to store it and keep it out of the atmosphere. The process has attracted commercial interest, with a growing number of companies offering CO2-injected concrete mixes. But until now, the underlying cement chemistry hadn’t been directly visualized.
A new paper in the Journal of the American Ceramic Society —led by associate professor Admir Masic and first-authored by graduate student Marcin Hajduczek, both of the MIT Concrete Sustainability Hub and MIT Department of Civil and Environmental Engineering—describes the chemical sequence that unfolds after CO2 meets fresh cement paste. Co-authors include MIT colleagues Santiago El Awad and Franz-Josef Ulm, alongside researchers from IIT Jodhpur and CarbonCure Technologies.