Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION

A critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities catalog, signaling a potentially significant threat to organizations using this software. This development comes as part of a broader landscape of emerging threats, including the breach of a California water utility by the Iran-linked Handala group, which underscores the evolving nature of attack methods. The U.S. government's decision to halt Anthropic's Fable 5 and Mythos 5 models also suggests a growing awareness of the need for regulatory oversight in the tech sector. The CISA catalog update serves as a warning to organizations to patch their systems to prevent exploitation of the Oracle flaw¹. This matters to security practitioners because a breach involving CISA can have downstream regulatory and supply-chain effects, making it essential to stay vigilant and proactive in addressing potential vulnerabilities.