
Massive data theft follows zero-day flaw in Oracle PeopleSoft
A critical PeopleSoft zero-day (CVE-2026-35273) was exploited by the ShinyHunters ransomware group to target about 100 organizations, stealing gigabytes of data and pressuring victims for ransom. The flaw is a remotely exploitable server-side request forgery (SSRF) vulnerability; Oracle has issued mitigations but has not yet released a full patch. Roughly 68% of affected entities are in higher education, including the University of Nottingham. The attackers mapped configurations and exfiltrated data to a data-leak site, where some victims’ data was published. Mandiant and Rapid7 are providing IOCs and remediation guidance.