A 14-day window between exploitation and Oracle's advisory left insurers and regulators with no patch and no warning ...
Oracle has warned customers about a critical PeopleSoft flaw that hackers abused before a fix was public. Google says more than 100 organisations may have been exposed, with universities taking the ...
Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities.
Oracle PeopleSoft zero-day CVE-2026-35273 exposed 100+ organizations as ShinyHunters stole student records from universities using remote code execution.
One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and used it to target about 100 customers and extort at least one of them to ...
2026-06-12 05:29 JST / The Hacker News / MEDIUM Summary: ShinyHunters (UNC6240) exploited an unpatched Oracle PeopleSoft zero-day CVE-2026-35273 (CVSS 9.8, affecting PeopleTools 8.61/8.62). This ...
Attackers leveraged a critical unauthenticated RCE bug to breach higher‑ed institutions, deploy stealth remote access tools, and publish stolen data. A newly disclosed Oracle PeopleSoft zero-day ...
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter ...
A critical security vulnerability affects Oracle's PeopleSoft Enterprise PeopleTools. Attackers can exploit it without prior authentication and ultimately execute injected malicious code. Admins ...
The cybercrime group ShinyHunters has claimed responsibility for a wave of data theft attacks targeting Oracle PeopleSoft servers at more than 100 organisations, the majority of them universities. The ...
The notorious cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities, a ShinyHunters member told TechCrunch on ...