The Next Web

ShinyHunters breached 100+ companies through an unpatched Oracle PeopleSoft zero-day

ShinyHunters exploited CVE-2026-35273 (CVSS 9.8) to breach 100+ organisations using Oracle PeopleSoft. Two-thirds are universities. No patch exists yet.

Google says ShinyHunters hackers targeting education sector via Oracle exploit

Alphabet's cybersecurity unit Mandiant and Google Threat Intelligence Group said Thursday they had identified an ​active compromise and extortion campaign targeting Oracle's PeopleSoft ‌enterprise ...

Oracle warns of security bug that hackers abused to breach 100+ companies

The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign.
SecurityWeek

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ...

Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations

The ShinyHunters hacking gang claims to have compromised the Oracle PeopleSoft servers of more than 100 organizations, ...

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.