Critical PeopleSoft 0-Day Exploited by Ransomware Group
A severe vulnerability in Oracle's PeopleSoft software has been exploited by the ShinyHunters ransomware group, affecting hundreds of organizations. Discover how this 9.8 severity flaw is leading to massive data theft and extortion demands.
Overview of the Vulnerability
Oracle's PeopleSoft software suite is currently facing a critical security threat due to a vulnerability tracked as CVE-2026-35273. This SSRF (server-side request forgery) flaw has been exploited by the ShinyHunters group for over two weeks, targeting approximately 100 organizations, primarily in the higher education sector.
The severity rating of 9.8 out of 10 highlights the urgency of this issue. Victims have reported extortion demands, with ShinyHunters claiming to have stolen gigabytes of sensitive data from compromised systems. Key points include:
- Over 300 endpoints targeted by attackers.
- Significant data breaches reported, including at the University of Nottingham.
- Attackers utilized reconnaissance techniques to map configurations and establish connections to their data leak site.
Immediate Actions Required
Organizations using PeopleSoft must prioritize patching this vulnerability. While Oracle has issued a temporary mitigation, a full patch is still pending, leaving many at risk of further exploitation.