Oracle PeopleSoft PeopleTools zero-day exploited by ShinyHunters (CVE-2026-35273)
Oracle issued an emergency out-of-band alert after the ShinyHunters crew exploited a critical unauthenticated remote-code-execution zero-day in PeopleSoft PeopleTools to steal data from more than 100 organisations, most of them universities.
- Victim
- Oracle PeopleSoft