By The Hacker News
Publication Date: 2026-06-11 20:29:00
The ShinyHunters extortion team exploited an unaddressed vulnerability in Oracle PeopleSoft to break into corporate systems, steal data, and demand payment to keep the data private. The campaign hit universities the hardest.
Mandian by Google Attributes It transfers it to the group tracking it as UNC6240 and dates the activity between May 27 and June 9. Oracle didn’t release its advisory until June 10, so the bug was a zero-day all along.
The error, CVE-2026-35273is a remote code execution bug in PeopleSoft Enterprise PeopleTools rated 9.8 out of 10. No login or user interaction is required, just network access via HTTP to take over the server. If you are running PeopleSoft with the Environment Management Hub accessible from outside, this is your risk and the immediate action is to lock down these endpoints.
The vulnerability lies in the Updates Environment Management component, the part behind the Environment Management Hub (PSEMHUB). Oracle…