A critical vulnerability in Oracle’s PeopleSoft tool has been exploited by the notorious cyber extortion group ShinyHunters, affecting over a hundred organizations before a solution was available. The flaw, identified as CVE-2026-35273, impacts the PeopleSoft environment management component and has an alarming severity score of 9.8 out of 10. It allows remote control of a vulnerable server without requiring user credentials or actions. The attacks, which occurred between May 27 and June 9, primarily targeted universities, with 70% of the victims being higher education institutions. Oracle issued a security advisory on June 10, after the attacks had already taken place. ShinyHunters used the flaw to infiltrate systems, navigate internal networks, and gather sensitive information, leaving extortion messages on compromised servers. Over 100 organizations have been affected, with 68% from the educational sector, including the University of Nottingham. The breach has exposed around 455,000 email addresses and other personal data. Oracle advises disabling the affected components or restricting internet access to mitigate risks. Experts urge organizations using PeopleSoft to act swiftly, highlighting the speed at which criminal groups can exploit unknown vulnerabilities.
Are 100 universities at risk due to a PeopleSoft vulnerability?
