SecurityWeek

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Oracle announced the release of its June 2026 Critical Security Patch Update (CSPU) to address 245 vulnerabilities.
Morning Overview on MSN

A 9.8-rated Oracle flaw let hackers seize servers for two weeks before any patch existed

Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, ...
CIO

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to address urgent vulnerabilities that can’t wait for the company’s quarterly ...

Oracle warns customers of critical PeopleSoft attack after hundreds of servers hacked by apparent ShinyHunters data theft attacks

High-severity CVSS 9.8 PeopleSoft vulnerability caused over 100 organizations to become victims, including universities.
Dark Reading

Few Oracle Customers Have Official Database Patching Policies

Most organizations running Oracle databases don't require the application of the database vendor's Critical Patch Updates -- in fact, only 26 percent need them, according to a new report. "What I ...