ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw

A zero-day vulnerability in Oracle PeopleSoft has been exploited by the ShinyHunters cybercrime group, potentially compromising over 100 organizations, primarily universities. The attackers have begun extorting their victims, publishing stolen data and naming affected institutions, such as the University of Nottingham. Mandiant and Google Threat Intelligence Group detected the attacks earlier this month, highlighting the group's ongoing malicious activities¹. The vulnerability allows attackers to gain unauthorized access to sensitive data, emphasizing the need for immediate patching and assessment of exposure. Technical details of the flaw are limited, but the swift exploitation by ShinyHunters underscores the importance of prompt action. So what matters to practitioners is that the window for patching is rapidly closing, making it essential to assess their organization's exposure immediately to prevent similar breaches.