# 📊 HiddenMerit Daily · Issue 31
> **Focus on Database Frontiers, Practical Insights for DBAs**
> May 27, 2026 | 5 Selected Global News Stories
## 01|OceanBase Passes CAICT Vector Database Full Test, Integrated AI Data Foundation Receives Another Authoritative Certification
On May 26, the China Academy of Information and Communications Technology (CAICT) officially announced the “Trustworthy Database” test results for the first‑half 2026 batch. **OceanBase database software successfully completed all test items for vector database basic capabilities**, passing 47 test items (27 mandatory + 20 optional) across seven capability domains: basic functionality, operations management, security, compatibility, scalability, high availability, and tool ecosystem.
The test was conducted according to the “Technical Requirements for Vector Databases” (T/CCSA 573-2024). This standard, jointly developed by CAICT under the Big Data and Blockchain Working Group of the China Communications Standards Association and the Big Data Technology Standard Promotion Committee, together with over 50 industry experts, is the industry’s first vector database technical standard and has become a benchmark for vector database technology development and product selection.
OceanBase uses a single database to simultaneously handle three workloads: transactions, analytics, and AI inference, helping enterprises simplify complex data stacks into a unified intelligent data foundation. OceanBase has previously passed multiple CAICT “Trustworthy Database” evaluations and topped the May 2026 China Database Popularity Ranking with a score of 830.74.
- **DBA Perspective**: OceanBase passing CAICT’s full vector database test shows that domestic databases have now obtained authoritative standard certification for “AI workload support capability.” For DBAs, this means that managing both structured transactional data and unstructured vector data within the same database system will become the norm. DBAs are advised to focus on OceanBase’s multi-modal convergence architecture – when vector retrieval and transaction processing are completed within the same engine, the DBA’s focus will shift from “maintaining data consistency across multiple systems” to “optimising cross-modal query execution plans.”
- **CTO Perspective**: CAICT’s vector database standard is the industry’s first authoritative standard. OceanBase passing all tests demonstrates its technical maturity for AI workload scenarios. For CTOs planning data architectures for AI applications, an integrated foundation can significantly reduce the operational complexity and data movement costs of multi-component integration.
- **Investor Perspective**: Following OceanBase’s continued top ranking in DB-Engines China Database Popularity, receiving CAICT authoritative certification provides dual endorsement of its technology leadership in the AI‑Native database direction. Capital markets should continue to monitor the cadence of OceanBase’s commercial orders in AI scenarios.
## 02|Percona Live 2026 Opens Today: OurSQL Foundation Officially Launches, MySQL Community-Led Era Begins
From May 27 to 29, the open‑source database technology event **Percona Live 2026** is being held in the Bay Area, USA. A major focus of this year’s conference is that Percona co‑founder Vadim Tkachenko will officially introduce the newly established **OurSQL Foundation** in a keynote, exploring a community‑led future development model for MySQL.
The conference features several major keynotes, including CMU’s Andy Pavlo on “Developing and Optimising Database Systems Using Large Language Models” (opening keynote), Oracle’s Heather VanCura on “The Path to Open Innovation in MySQL”, and VillageSQL’s Dominic Preuss on the design of the MySQL extension framework. Additionally, the conference includes engineers from industry‑leading companies such as Google, Meta, Pinterest, PayPal, Apple, Amazon, and Plaid sharing the latest practices in open‑source databases like MySQL, PostgreSQL, and MongoDB.
This year’s conference also introduces, for the first time, a full day of hands‑on workshops on May 29, covering MySQL security testing environment setup, Valkey Search real‑time recommendation, PostgreSQL high availability automation, PMM observability stack, MongoDB on Kubernetes, MySQL PXC migration, and other practical courses.
- **DBA Perspective**: The official launch of the OurSQL Foundation is a historic moment for the MySQL ecosystem. If the Foundation gains sufficient support from developers and enterprises, the future of MySQL will no longer be dominated by a single vendor. For DBAs who have long relied on the MySQL ecosystem, this change is worth continuous attention. DBAs are advised to follow the cutting‑edge topics at Percona Live 2026 on the MySQL extension framework and AI‑assisted database development – these technology directions will directly impact the operational toolchain over the next 3‑5 years.
- **CTO Perspective**: If the OurSQL Foundation attracts enough resources and contributors, it will provide a more secure technical path for enterprises’ MySQL investments. CTOs with large MySQL technology stacks should closely monitor this development and assess its potential impact on long‑term technology planning. Andy Pavlo’s keynote on using LLMs for database system development is particularly worth attention – AI is changing the development paradigm of database kernels.
- **Investor Perspective**: The OurSQL Foundation is essentially a countermeasure by the open‑source community against the vendor‑led development model. If the Foundation receives support from key enterprise users and cloud vendors, it will gain stronger influence over the governance and evolution direction of the MySQL ecosystem – a positive for related publicly listed companies like MariaDB and for cloud vendors whose core technology stack relies on MySQL’s open‑source capabilities.
Source: Percona Live 2026 Official Agenda
## 03|Hidden Ransomware Economy Exposed: Over 30,000 Exposed Databases Ransomed in 5 Years, 99% of Exposed MongoDB/MySQL Instances Immediately Compromised
On May 26, the Ransomnews research team released a five‑year (May 2021 – May 13, 2026) ransomware economy research report. The study covered 65,907 database systems exposed to the public internet (including MongoDB, MySQL, Elasticsearch, Kibana, and HTTP management panels), of which **30,515 databases (46.3%) had already been implanted with ransomware or wipe notices** at the time of discovery.
The most striking finding of the study is that **MongoDB and MySQL exposure equals immediate compromise**: of the 3,532 exposed MongoDB instances found, 3,525 carried ransomware marks; for MySQL, 2,930 out of 2,930 exposed instances carried ransomware marks – a near‑100% compromise rate. Elasticsearch and Kibana had compromise rates of approximately 98%.
Despite the massive scale of the attacks (involving over 215 billion records), the attackers’ actual earnings were extremely low – 318 of 514 independent attacker wallets never received any payment. Total confirmed revenue over five years was only 9.78 BTC, approximately $753,000. Attackers adopted an industrialised, automated mass scanning and ransomware‑implantation model with highly reused attack templates. Geographically, China ranked first with 11,874 marked databases, followed by the United States with 4,194.
- **DBA Perspective**: This data is an extremely grave security warning for DBAs. 99% of exposed MongoDB and MySQL instances are immediately compromised – this means that if your database port is exposed to the public internet without access controls, compromise is no longer a “probability issue” but a “matter of time.” The study confirms that exposure itself is nearly equivalent to compromise. DBAs must implement the most basic security baseline: **default prohibition of database port exposure to the public internet**; mandatory whitelist access; strong authentication; regular vulnerability scanning. Database exposure management is not “nice to have” – it is the baseline for survival.
- **CTO Perspective**: This five‑year study reveals an “iron law” of database security – directly exposing database engine ports to the public internet makes compromise inevitable, not accidental. China ranking first globally in the number of marked databases indicates that domestic enterprises still have significant gaps in database exposure management. CTOs should establish “exposure management” as a dedicated metric and make database port public exposure a zero‑tolerance item in security baselines.
- **Investor Perspective**: Over 30,000 databases ransomed in five years and 215 billion records leaked, yet total attacker revenue was only $753,000 – this contrast reveals a huge value gap in the database security market. Enterprise customer demand for database access control, exposure scanning, and compliance auditing services will continue to grow. Security companies that can provide database “zero trust” access solutions and automated exposure management are likely to gain valuation premiums from this wave of security anxiety.
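
The "no public database ports" baseline from the DBA Perspective above can be checked on a host by auditing its listening sockets. The following is an added example, not part of the Ransomnews report: it parses `ss -ltnH` output (the sample is constructed) and assumes the engines run on their default ports.

```python
import ipaddress

# Default ports of the engines named in the study (assumption: defaults unchanged).
DB_PORTS = {3306: "MySQL", 27017: "MongoDB", 9200: "Elasticsearch", 5601: "Kibana"}

# Constructed sample of `ss -ltnH` output on Linux; not taken from a real host.
SAMPLE_SS = """\
LISTEN 0 151  127.0.0.1:3306  0.0.0.0:*
LISTEN 0 4096 0.0.0.0:27017   0.0.0.0:*
LISTEN 0 4096 [::]:9200       [::]:*
LISTEN 0 511  10.0.4.12:5601  0.0.0.0:*
LISTEN 0 128  0.0.0.0:22      0.0.0.0:*
"""

def split_local(addr):
    """Split 'host:port' or '[v6]:port' into (host, port); port is None if not numeric."""
    host, _, port = addr.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and any %interface scope
    return host, int(port) if port.isdigit() else None

def classify(host):
    """Return how widely a listener is bound, judged from its local address only."""
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"          # reachable on every NIC, including public ones
    if ipaddress.ip_address(host).is_loopback:
        return "loopback"                # local clients only
    # A specific address may still be internet-reachable (NAT, cloud public IP),
    # so it needs a firewall / allow-list review rather than an automatic pass.
    return "specific-address"

def audit_listeners(ss_output):
    """Return (engine, host, port, scope) for every database listener not on loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, port = split_local(fields[3])
        if port not in DB_PORTS:
            continue
        scope = classify(host)
        if scope != "loopback":
            findings.append((DB_PORTS[port], host, port, scope))
    return findings

if __name__ == "__main__":
    for engine, host, port, scope in audit_listeners(SAMPLE_SS):
        print(f"{engine:14} {host}:{port:<6} {scope}")
```

An empty result only shows that the engines are bound to loopback; authentication and network allow-lists still need their own checks.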
## 04|Domestic Database Selection White Paper Released: Compatibility Tops Priority List, AI‑Native Emerges as New Direction
CETC Kingware (formerly Renda Kingware) recently released the “Domestic Database Management System White Paper,” systematically outlining the evolution path of domestic database technology architecture and selection methodologies. The white paper proposes that the selection logic for domestic databases has shifted from “whether it can be used” to “whether we dare to use it” and “how to use it for longer,” with the core indicator system restructured as: **ecosystem compatibility (weight 35%), migration certainty (weight 25%), service continuity (weight 20%)**.
The white paper predicts three major evolution trends for domestic databases over the next 3‑5 years: first, “storage‑compute separation” and “multi‑modal convergence” will become widespread, with unified architecture supporting both OLTP and OLAP; second, intelligent O&M (AIOps) will become standard, with machine learning‑based auto‑tuning, fault prediction, and capacity planning lowering management barriers; third, the boundary between AI and databases will blur, requiring databases to natively embed vector retrieval and semantic analysis capabilities to support large model knowledge bases and intelligent Q&A scenarios. The white paper emphasises that NoSQL solutions focused solely on extreme write speeds are losing their advantage in complex business scenarios, with future architecture tending toward “steady‑state and agile‑state integration.”
Previously, CETC Kingware’s KingbaseES V9 delivered impressive real‑world migration validation data at a leading news website CMS: TPS increased from 12,500 to 16,250 (+30%), storage costs reduced by 48%, full‑text search latency decreased from 450ms to 120ms (-73%), and multimedia read latency decreased from 85ms to 28ms (-67%).
- **DBA Perspective**: Kingware’s white paper assertion that “compatibility is the highest priority indicator” is worth deep consideration by DBAs. In core system replacements for finance, government, and other sectors, compatibility directly determines migration workload and risk. When evaluating domestic databases, DBAs should not only look at TPC‑C scores but also focus on **compatibility with existing stored procedures, triggers, and complex SQL syntax** – this directly determines the migration cost of “how much code needs to be modified.” Additionally, the AIOps trend means that the DBA role will evolve from “manual O&M” to “O&M policy definer.”
- **CTO Perspective**: The white paper provides CTOs with a quantifiable selection framework – a “three‑dimensional evaluation” model (compliance and ecosystem, migration cost and business continuity, long‑term service and evolution capability). Kingware’s CMS real‑world data (30% TPS increase + 48% storage cost reduction) is powerful quantitative evidence that “domestic replacement does not mean performance compromise,” serving as a key reference for selection arguments.
- **Investor Perspective**: Kingware’s white paper reveals a key signal in the domestic database market – selection logic is shifting from “feature benchmarking” to comprehensive evaluation of “migration cost + ecosystem adaptation + AI convergence.” Vendors with “in‑house kernel development + multi‑modal convergence + industry benchmark case” capabilities will continue to enjoy sustained valuation premiums in the deep cultivation phase.
## 05|340 Million OnlyFans User Records Sold: Database Security Alarm Rings Again
On May 25, a hacker listed a database containing **340 million records** from OnlyFans for sale on a dark web forum for 0.313 BTC (approximately $76,000). The leaked data includes usernames, email addresses, phone numbers, follower counts, content upload statistics, associated social media profiles, and last four digits of payment cards.
However, the seller later admitted: “We did not hack or compromise OnlyFans. We leveraged existing leaked databases and matched them with OnlyFans platform users.” This means the database was assembled through multi‑source data correlation (including X, Instagram, Spotify, and other platform data) rather than being stolen directly from OnlyFans systems. Nevertheless, security experts warn that exposed email addresses could still be used by attackers for user profiling and phishing attacks.
- **DBA Perspective**: The OnlyFans data leak reminds DBAs that data security is not just about “preventing intrusions” but also “preventing correlation analysis.” Even if the database itself is not compromised, multi‑source leaked data correlation can still piece together complete user profiles. When assessing data security risks, DBAs should consider the dimension of “if data falls into attackers’ hands, what information could be correlated?” It is recommended to implement more granular data masking and segregated storage strategies for sensitive data.
- **CTO Perspective**: The OnlyFans case reveals a new dimension of “supply chain data security” – data leaks can come not only from system intrusions but also from correlation analysis of multi‑source data. When designing data architecture, CTOs should consider data isolation strategies across different systems to prevent single‑point data leaks from amplifying the damage radius through correlation analysis.
- **Investor Perspective**: 340 million records sold, with the seller admitting no system intrusion – this signals that data security threats have expanded from “active intrusion” to “passive correlation.” Security companies that can provide data leak monitoring, dark web intelligence analysis, and data asset correlation risk assessment will gain a more important position in enterprise security budgets.
Source: TechRepublic & Hackread
## 📅 Recent Database Hot Topics Recap
| Date | Event | Core Highlights |
|------|-------|-----------------|
| May 26 | OceanBase passes CAICT vector database full test | All 47 test items passed; integrated AI data foundation receives another authoritative certification |
| May 27-29 | Percona Live 2026 opens in Bay Area, USA | OurSQL Foundation officially launches; MySQL community‑led era begins |
| May 26 | Ransomnews releases 5‑year ransomware economy study | Over 30,000 exposed databases ransomed in 5 years; 99% of exposed MongoDB/MySQL instances immediately compromised |
| May 26 | CETC Kingware domestic database white paper released | Compatibility tops priority list; AI‑native emerges as new direction |
| May 25 | 340 million OnlyFans user records sold | Multi‑source data correlation leak; data security boundaries expand further |
| May 29 | Tencent Cloud “Database + AI” product launch (2 days countdown) | Debut of six core engines; Agent‑era data foundation final unveiling |
## 📌 Issue Summary
| News | Core Keywords | DBA Actions | CTO/Decision‑Maker Focus | Investor Perspective |
|------|---------------|-------------|--------------------------|----------------------|
| OceanBase passes CAICT vector test | Vector database standard, 47 items passed, integrated AI foundation | Learn cross‑modal query tuning under multi‑modal convergence architecture; focus on vector + transaction integration design | Authoritative certification reduces AI workload DB selection risk; integrated foundation reduces O&M complexity | Technical certification + popularity top ranking; AI‑Native DB commercialisation progress anticipated |
| Percona Live 2026 opens | OurSQL Foundation, AI‑assisted DB development, MySQL extension framework | Pay attention to MySQL ecosystem governance changes; learn cutting‑edge AI‑assisted database kernel development | OurSQL Foundation affects MySQL long‑term roadmap; AI development paradigm changes DB iteration efficiency | Community‑led model affects valuation of MariaDB and related ecosystem companies |
| 5‑year ransomware economy study | 30,000+ DBs ransomed, exposure = compromise, China ranked #1 | Default prohibition of DB port public exposure; mandatory whitelist + strong authentication | DB exposure management included as “zero tolerance” item in security baseline | Zero trust DB access and exposure scanning security companies gain valuation premium |
| Kingware domestic DB white paper | Compatibility weight 35%, AIOps standard, multi‑modal convergence | Make compatibility the primary selection consideration; learn AIOps O&M policy definition | 3‑dimensional evaluation model provides quantifiable selection framework; real‑world data disproves “replacement = compromise” | Selection logic shifts to “migration cost + ecosystem adaptation + AI convergence”; leading vendor valuation premium continues |
| OnlyFans data leak | 340M records, multi‑source correlation leak, supply chain data security | Assess data correlation risk; implement granular masking and segregated storage | Design data isolation strategies to prevent single‑point leaks from amplifying damage radius | Data leak monitoring and dark web intelligence analysis companies face increased demand |
> **HiddenMerit Team Production**
> **Slogan: 绩优隐于内,金石启新程 | Hidden deep. Merit bold. Forge ahead.**