BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

ShinyHunters Exploit Oracle Zero-Day, Hit Universities

ShinyHunters exploit Oracle zero-day flaw, targeting universities to steal data

  • The ShinyHunters cybercrime group exploited a critical zero-day flaw in Oracle PeopleSoft to steal data from enterprise systems.
  • The vulnerability, CVE-2026-35273, allows unauthenticated remote code execution and was actively exploited before a patch was available.
  • Higher education institutions were the primary targets, with Google’s Mandiant notifying over 100 organizations, 68% of which were universities.
  • Attackers used a custom script to move laterally across networks and exfiltrate data, which was subsequently posted to a public leak site.

The ShinyHunters extortion crew launched a campaign in late May 2026, exploiting an unpatched flaw in Oracle PeopleSoft to breach enterprise systems and steal sensitive data. They primarily targeted universities, demanding payment to keep the stolen information private according to reports.

- Advertisement -

The critical vulnerability, tracked as CVE-2026-35273, allowed remote code execution without any login credentials. Consequently, attackers could take over servers simply by having network access over HTTP.

Mandiant CTO Charles Carmakal confirmed the bug was being exploited in the wild. Meanwhile, attackers left their own infrastructure exposed, which researchers publicly flagged.

Operational details revealed custom remote-management agents and a lateral-movement script designed to spread across internal networks. This script then compressed stolen data and connected to the attackers’ leak site.

The University of Nottingham has been confirmed as a victim, with data covering approximately 455,000 individuals leaked online. However, ShinyHunters claims more victim announcements are forthcoming.

- Advertisement -

Oracle’s immediate guidance was to disable the vulnerable Environment Management Hub service or block external access to specific endpoints. Organizations are urged to hunt for signs of compromise, such as unexpected files or unusual outbound traffic.

This attack marks a significant escalation for ShinyHunters, which has typically relied on social engineering. Exploiting a server-side zero-day in on-premises ERP software represents a more sophisticated approach.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Robinhood expands to Europe with leveraged futures

Robinhood is expanding its European derivatives, offering perpetual futures on traditional assets like commodities...

Unpatched Argo CD flaw risks full Kubernetes takeover

An unpatched flaw in Argo CD's repo-server component allows for unauthenticated remote code execution...

Fed to Hike Interest Rates This Year: Polymarket

Market odds now favor a Federal Reserve interest rate increase before year-end, despite no...

Bearish Signs: Analysts Flag $50K Target, ETF Outflows, Efficiency Drop

Analyst Benjamin Cowen noted Bitcoin's current price near $60,326 mirrors its June/July 2018 level,...

Brazilian Banking Trojan Ousaban Targets Iberian Banks

A Brazilian banking trojan named Ousaban is actively targeting Windows users in Spain and...

Must Read

How To Travel With Bitcoin: 9 Travel Companies Accepting Bitcoin

Bitcoin travel is a reality, as several travel companies now accept payments in cryptocurrencies for their services.Those who have opened a Bitcoin account on...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading