A zero-day vulnerability in Oracle PeopleSoft, identified as CVE-2026-35273, has been exploited by the ShinyHunters extortion crew to breach university systems and steal sensitive data1. The attacks, attributed to the UNC6240 group, occurred between May 27 and June 9, prior to Oracle's publication of a security advisory on June 10. The flaw was leveraged to gain unauthorized access to enterprise systems, with the attackers demanding payment in exchange for not disclosing the stolen data. The exploitation of this vulnerability has significant implications for organizations using Oracle PeopleSoft, particularly universities that have been disproportionately affected. The active discussion surrounding CVE-2026-35273, involving Google, highlights the need for prompt patching or close monitoring to mitigate potential attacks, making it a critical concern for security practitioners to address immediately.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
⚠️ Critical Alert
Why This Matters
CVE-2026-35273 is in active discussion involving Google — exploitation status determines whether this is patch-now or monitor.
References
- The Hacker News. (2026, June 11). ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities. *The Hacker News*. https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html
Original Source
The Hacker News
Read original →