RSS

ShinyHunters hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day

Bender2 pts0 comments

ShinyHunters claims Oracle PeopleSoft 0-day hit 100+ orgs

Jump to main content

Search

REG AD

Security

ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day

University of Nottingham is first of many, Shiny tells The Reg

Jessica Lyons

Jessica<br>Lyons

Published<br>thu 11 Jun 2026 // 20:01 UTC

Data theft and extortion group ShinyHunters has exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 vulnerable instances.<br>A spokesperson for the cybercrime crew on Thursday told The Register that they exploited CVE-2026-35273 to break into the university’s PeopleSoft system and steal 40 GB of personal data and billing records belonging to hundreds of thousands of current and former students.<br>ShinyHunters posted the UK university on its data leak site on Tuesday before publishing the stolen files later that same day, presumably because the school refused to pay the extortion demand.

REG AD

REG AD

“University of Nottingham on our leak site is one of the first publicly confirmed incidents,” a ShinyHunters spokesperson told us. “We have only just started outreach to affected orgs and are actively looking to reach an agreement with affected orgs.”<br>They didn’t say when they planned to post the other 100 or so claimed victims.<br>A Google threat intelligence report published Thursday afternoon corroborated ShinyHunters’ claims to have compromised more than 100 organizations.<br>Google said it spotted malicious activity, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints."<br>Most of these, we’re told, are based in the US and 68 percent are in the higher-education sector.

MORE CONTEXT

Malware scare keeps schoolkids home for a second day

Nottingham Uni says student records raided after ShinyHunters claims cyberattack

Oxford Uni student data pwned yet again - this time via career platform breach

If you don't fall for these extortionists' calls, they'll show up with USB sticks

PeopleSoft is a widely used enterprise software suite that large corporations and institutions use to manage their human resources, payroll and billing applications, supply chains, and student records.<br>CVE-2026-35273 is a 9.8 CVSS-rated vulnerability that allows remote, unauthenticated attackers with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools and fully take over the platform.<br>On Wednesday, a day after ShinyHunters leaked the school’s data, the University of Nottingham confirmed the breach and Oracle issued an out-of-band security alert. It’s unclear, however, if the software provider has issued a patch to fix the security flaw. The Register reached out to Oracle, and did not receive any response to our questions.

REG AD

Google-owned Mandiant Chief Technology Officer Charles Carmakal, in a brief LinkedIn post on Thursday, warned that PeopleSoft was one of two zero-day vulnerabilities “actively being exploited in the wild.”<br>“Oracle released mitigations,” Carmakal wrote. “Patches should come soon.”<br>The other zero-day, for the record, is this Cisco Catalyst SD-WAN Manager vulnerability.®

security<br>peoplesoft<br>cyber-crime<br>oracle<br>shinyhunters<br>zero-day

REG AD

ai and ml

Claude is ready for its corporate close-up

IDC says recent moves show Anthropic racing to meet enterprise requirements

ai and ml

Everyone hates frontier AI labs, says Palantir boss

'Enterprises are fed up,' says Alex Karp, because LLM makers 'want to tokenmax' instead of understanding enterprise needs

ZTE wins three Selular Award 2026 honors for AI-powered network innovation

PARTNER CONTENT: Recognized for breakthrough achievements in FWA, Network Ecosystem, and Native AI Baseband, ZTE solidifies its role as a key driver of Indonesia’s 5G-Advanced and AI economic growth

AI AND ML

Anthropic recruits army to sell Claude to nonprofits

Join Claude Corps, see the world, spread the gospel of AI

PAAS AND IAAS

Graviton 5 impresses, but please, for the love of all that's holy, stop calling them 'AI chips'

AWS better at running chip fabs than their mouths

Security

ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day

University of Nottingham is first of many, Shiny tells The Reg

MOST POPULAR

public sector

GOV.UK goes Dutch on payments as it dumps Stripe

security

GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections

SECURITY

All the passwords were stored in Active Directory description fields

Security

Angry bug hunter with Microsoft beef drops new Windows 0-day

Security

Signal says UK plan to scan devices for nude images 'endangers us all'

EVENTS

Thriving Through Volatility: The Everpure Advantage in an Uncertain Market

Learn how a consumption-based operating model provides flexibility, improves efficiency, and brings predictability to...

shinyhunters peoplesoft oracle security orgs university

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.