Oracle has identified a critical vulnerability in its PeopleSoft software that could allow hackers to execute remote code without needing authentication. This issue, found in the PeopleSoft PeopleTools, poses a significant threat to PeopleSoft Enterprise Applications. Oracle has urged its customers to implement recommended mitigations immediately to reduce risk and to ensure their systems are updated with the latest security patches. Meanwhile, Mandiant and Google Threat Intelligence Group have reported an active campaign exploiting this vulnerability, targeting over 100 organizations, primarily in the United States and within the higher education sector. The hacking group behind these attacks has allegedly leaked sensitive data, including billing records and payment details, on their site. This incident is part of a broader trend of increasing cyberattacks, with companies like Hasbro and CarGurus also facing significant breaches in recent months.
Are PeopleSoft Servers at Risk Due to New Vulnerability?
