logo

ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw

ID: 6b881fcb-6657-5c60-a399-0da34c756dcd

STIX ID: report--6b881fcb-6657-5c60-a399-0da34c756dcd

Feed Name: CyberScoop

Threat Score
80/100

Date Published: 2026-06-12

Date Updated: 2026-06-13

Author: Matt Kapko

...
...

Researchers report that the ShinyHunters cybercrime group exploited a zero-day in Oracle PeopleSoft PeopleTools (CVE-2026-35273) to achieve unauthenticated remote code execution, potentially compromising networks and stealing data from more than 100 organizations—68% in higher education; attacks began around May 27, extortion is ongoing, Google and Mandiant are tracking victims, and Oracle has not yet released a patch.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.