The GreatXML exploit leverages a security vulnerability in Microsoft’s offline scan function to bypass BitLocker and access encrypted drives from recovery mode after a successful Defender offline scan.
Oracle has patched a critical vulnerability in PeopleSoft Suite (CVE-2026-35273) enabling unauthenticated remote code execution that is already being actively exploited in targeted data theft campaigns by the ShinyHunter group.
Of 206 patched vulnerabilities, 39 are classified as critical, including 56 remote code execution and 63 privilege escalation flaws, with three publicly disclosed zero-days.
An unpatched command injection vulnerability in SD-WAN Manager is being actively exploited, requiring immediate measures to close authentication gaps and monitor logs.
