2026-06-12 05:29 JST / The Hacker News / MEDIUM Summary: ShinyHunters (UNC6240) exploited an unpatched Oracle PeopleSoft zero-day CVE-2026-35273 (CVSS 9.8, affecting PeopleTools 8.61/8.62). This ...
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter ...
Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. PeopleSoft is an enterprise ...
Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities.
A critical security vulnerability affects Oracle's PeopleSoft Enterprise PeopleTools. Attackers can exploit it without prior authentication and ultimately execute injected malicious code. Admins ...
The notorious cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities, a ShinyHunters member told TechCrunch on ...
The cybercrime group ShinyHunters has claimed responsibility for a wave of data theft attacks targeting Oracle PeopleSoft servers at more than 100 organisations, the majority of them universities. The ...
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities ...
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. Oracle on Thursday released an out-of-band advisory addressing a ...
Data theft and extortion group ShinyHunters has exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 ...