Universities running Oracle servers became the primary targets of an extortion campaign that exploited a missing authentication flaw tracked as CVE-2026-35273. Attackers used the vulnerability to ...