CSO Online

Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree

Attackers leveraged a critical unauthenticated RCE bug to breach higher‑ed institutions, deploy stealth remote access tools, ...
The Next Web

ShinyHunters breached 100+ companies through an unpatched Oracle PeopleSoft zero-day

ShinyHunters exploited CVE-2026-35273 (CVSS 9.8) to breach 100+ organisations using Oracle PeopleSoft. Two-thirds are universities. No patch exists yet.

Google says ShinyHunters hackers targeting education sector via Oracle exploit

Alphabet's cybersecurity unit Mandiant and Google Threat Intelligence Group said Thursday they had identified an ​active ...
SecurityWeek

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ...