{"id":271462,"date":"2026-06-12T11:48:00","date_gmt":"2026-06-12T15:48:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/12\/shinyhunters-linked-to-exploitation-of-critical-flaw-in-oracle-peoplesoft\/"},"modified":"2026-06-12T15:00:27","modified_gmt":"2026-06-12T19:00:27","slug":"shinyhunters-linked-to-exploitation-of-critical-flaw-in-oracle-peoplesoft","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/12\/shinyhunters-linked-to-exploitation-of-critical-flaw-in-oracle-peoplesoft\/","title":{"rendered":"ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/shinyhunters-exploitation-critical-flaw-oracle-peoplesoft\/822796\/\">ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/shinyhunters-exploitation-critical-flaw-oracle-peoplesoft\/822796\/\">https:\/\/www.cybersecuritydive.com\/news\/shinyhunters-exploitation-critical-flaw-oracle-peoplesoft\/822796\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-12 11:48:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p><span><span><span><span><span><span>A zero-day vulnerability in Oracle PeopleSoft has been exploited in a widespread cyberattack campaign linked to the ShinyHunters threat group, <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>according to a report released Thursday<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> by Mandiant.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>Mandiant, the incident response unit of Google, has notified more than 100 global organizations that might have been affected in the attacks. Most of the organizations were in the U.S., and more than two-thirds of them were colleges and universities.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>One of those struck was the University of Nottingham, which said a \u201csignificant amount of data\u201d in its student records was compromised.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>&#8220;This is now the subject of a criminal investigation,\u201d a spokesperson told Cybersecurity Dive. \u201cWe are working with the third party that maintains the platform to investigate and we will continue to support the police with their enquiries.\u201d<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<h3 class=\"standard-heading\"><span><span><span><span><span><span>Opening cyber salvo<\/span><\/span><\/span><\/span><\/span><\/span><\/h3>\n<p><span><span><span><span><span><span>The hackers targeted Oracle PeopleSoft servers between May 27 and June 9, by exploiting a critical remote-code execution vulnerability tracked as <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>CVE-2026-35273<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span>\u00a0in the product\u2019s Environment Management component. The flaw has a severity score of 9.8.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>Oracle <\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span><span><span>released a security advisory<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><span><span><span><span><span><span> warning that the vulnerability in Oracle PeopleSoft PeopleTools versions 8.61 and 8.62 could be exploited remotely, without the need for authentication.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>The software company in its advisory did not immediately link the flaw to any particular campaign, but urged immediate action and labeled its recommendations in the alert as \u201chigh-priority risk reduction\u201d measures.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>The attacker infrastructure included customized MeshCentral agents that were disguised as legitimate cloud endpoints, according to Mandiant. MeshCentral is an open source platform that enables a user to remotely manage a computer from any location.\u00a0<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span><span><span><span><span><span>Mandiant noted that some of the targeted organizations were able to block the attack or remediate the vulnerability. Other organizations were compromised, and their&#8230;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/shinyhunters-exploitation-critical-flaw-oracle-peoplesoft\/822796\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoft https:\/\/www.cybersecuritydive.com\/news\/shinyhunters-exploitation-critical-flaw-oracle-peoplesoft\/822796\/ Publish Date: 2026-06-12 11:48:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":271463,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/pZvPZQBNr5jjqWqAOEak0xa3o7U70Vi61D2Wc9swcuQ\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9HZXR0eUltYWdlcy0xMTc0MDM1ODAxLmpwZw==.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[90,89,57,27],"class_list":["post-271462","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cve","tag-flaw","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271462"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=271462"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271462\/revisions"}],"predecessor-version":[{"id":271464,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271462\/revisions\/271464"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/271463"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=271462"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=271462"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=271462"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}