Oracle warns of security bug that hackers abused to breach 100+ companies

The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign.

Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited

Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign ...
SecurityWeek

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ...
CSO Online

Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree

Attackers leveraged a critical unauthenticated RCE bug to breach higher‑ed institutions, deploy stealth remote access tools, ...
Dark Reading

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.
SecurityWeek

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

PeopleSoft vulnerability mitigated by Oracle this week has been exploited by ShinyHunters as a zero-day to steal data from ...

Explained: How ShinyHunters hacked over 100 organisations using an Oracle bug

Cybersecurity experts from Google's Threat Intelligence Group have alerted that the hacking group ShinyHunters exploited a ...
Computerworld

Industry

Anthropic’s new privacy policy offers US consumers a way around the Fable ban A policy provision for scanning customers’ identity documents could enable Anthropic to distinguish between foreign and ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News

An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat ...