By Eduard Kovacs
Publication Date: 2026-06-12 06:44:00
Google has confirmed that ShinyHunters is exploiting a PeopleSoft vulnerability that was patched by Oracle this week as a zero-day attack to steal data from organizations.
Oracle has published an out-of-band advisory and security alert for CVE-2026-35273A critical unauthenticated remote code execution vulnerability affecting PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62 and PeopleSoft Enterprise Applications.
The software giant has released workarounds, but patches do not appear to be available.
PeopleSoft is an ERP software suite used by many large organizations to manage a variety of business functions, including human resources, payroll, finance, supply chain, and campus operations.
While the solution is used in many industries, the ShinyHunters campaign exploiting CVE-2026-35273 appears to have been focused on the education sector. The University of Nottingham in the UK is the first confirmed victim.
Mandiant and Google Threat Intelligence Group…
