A critical zero-day vulnerability in Oracle's PeopleSoft software, tracked as CVE-2026-35273, has been exploited by the ShinyHunters ransomware group to target nearly 100 customers, resulting in the theft of gigabytes of data [1]. The vulnerability, which carries a severity rating of 9.8 out of 10, was exploited for over two weeks before Oracle flagged it. The attackers used the exploit to extort at least one organization, demanding payment in exchange for not leaking the stolen data. It is considered one of the most critical vulnerabilities to be exploited this year, making it a high-priority patch for affected organizations. The exploitation status of CVE-2026-35273 is under active discussion involving Google, which underlines the need for prompt action. The incident highlights the importance of timely patching and monitoring for organizations running PeopleSoft: the consequences of exploitation can be severe and far-reaching, so practitioners should prioritize patching this vulnerability.
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
⚠️ Critical Alert
Why This Matters
CVE-2026-35273 is in active discussion involving Google — exploitation status determines whether this is patch-now or monitor.
References
- Ars Technica. (2026, June 12). PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data. *Ars Technica*. https://arstechnica.com/security/2026/06/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data/
Original Source
Ars Technica