#extortion
5 stories taggedextortion.
NAIC Says ShinyHunters Walked Out With Public Data and Stale Logs After PeopleSoft Zero-Day Hit
The regulator-of-regulators confirms an Oracle PeopleSoft zero-day was the entry point, but disputes the extortion crew's claims about what was taken.
ShinyHunters Rode a PeopleSoft Zero-Day Into University Networks
A CVSS 9.8 RCE flaw in Oracle PeopleSoft gave UNC6240 a two-week head start before Oracle even confirmed the bug existed.
ShinyHunters Hit Universities Through PeopleSoft Zero-Day Before Oracle Patch
Mandiant ties a two-week extortion spree against Oracle PeopleSoft deployments to UNC6240, the cluster better known as ShinyHunters.
Silent Ransom Group Escalates Vishing Campaign Against U.S. Law Firms
Mandiant tracks rapid data theft following fake IT-support calls, raising fresh questions about Form 8-K Item 1.05 disclosure timing for affected firms.
ShinyHunters Hits Canvas LMS: 275 Million Records, a Defaced Login Page, and a Free-Tier Attack Vector
The extortion group's May 2026 strike on Instructure exposed how peripheral, lower-security environments can become the entry point that compliance badges never covered.