#peoplesoft Tech News.

ShinyHunters breached more than 100 organizations through an unauthenticated remote code execution flaw in Oracle PeopleSoft before Oracle issued an advisory. Roughly two-thirds of the victims were universities, targeted not for their data but because higher education is under-resourced on security and slow to patch, making it the softest segment of a widely deployed enterprise stack.

Oracle warned customers of a critical PeopleSoft vulnerability after ShinyHunters claimed breaches of over 100 organizations using PeopleSoft. Oracle has not yet issued a patch for the flaw.

Oracle disclosed a critical PeopleSoft vulnerability (CVE-2026-35273) enabling unauthenticated remote code execution. Mandiant and Google Threat Intelligence Group identified an active extortion campaign targeting PeopleSoft servers, notifying over 100 global organizations. 68% of affected entities were in higher education, with stolen data including billing records and payment details published online.

ShinyHunters exploited CVE-2026-35273, a critical unpatched remote code execution flaw in Oracle PeopleSoft PeopleTools, to breach university systems. The zero-day carries a CVSS score of 9.8, requires no authentication, and was actively exploited between May 27 and June 9 before Oracle's June 10 advisory.

ShinyHunters exploited an unpatched Oracle PeopleSoft zero-day (CVE-2026-35273, CVSS 9.8) to breach over 100 organizations, mostly universities. Oracle warned customers Thursday but has not released a patch. Mandiant confirmed the bug is the same one ShinyHunters is abusing. The University of Nottingham had 40 GB of data stolen.

Oracle warned of a critical PeopleSoft zero-day, CVE-2026-35273, with a CVSS score of 9.8, enabling unauthenticated remote code execution. The flaw affects PeopleTools versions 8.61 and 8.62 and is actively exploited by the ShinyHunters extortion gang in data theft attacks. Oracle released emergency mitigations and plans a patch.