Dark Reading

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.
Computer Weekly

Oracle fixes PeopleSoft flaw exploited by ShinyHunters

Oracle has issued an out-of-band patch for a remote code execution (RCE) zero-day vulnerability affecting its PeopleSoft Enterprise PeopleTools product that is being exploited in a rapidly-spreading ...
CSO Online

Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree

Attackers leveraged a critical unauthenticated RCE bug to breach higher‑ed institutions, deploy stealth remote access tools, ...

Explained: How ShinyHunters hacked over 100 organisations using an Oracle bug

Cybersecurity experts from Google's Threat Intelligence Group have alerted that the hacking group ShinyHunters exploited a ...
The Next Web

ShinyHunters breached 100+ companies through an unpatched Oracle PeopleSoft zero-day

ShinyHunters exploited CVE-2026-35273 (CVSS 9.8) to breach 100+ organisations using Oracle PeopleSoft. Two-thirds are universities. No patch exists yet.

Google says ShinyHunters hackers targeting education sector via Oracle exploit

Alphabet's cybersecurity unit Mandiant and Google Threat Intelligence Group said Thursday they had identified an ​active ...