Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

ShinyHunters Oracle PeopleSoft data theft from 300 instances

Data Leak
First reported
Last updated
Happening score
H score 46
1 unique sources, 1 articles

Summary

Hide ▲

The ShinyHunters data-leak event against Oracle PeopleSoft instances exposed data from 300 instances across 100+ organizations, expanding the risk of theft-driven extortion. The activity was tied to exploitation of CVE-2026-35273, a critical zero-day that allowed unauthenticated remote code execution. Oracle issued emergency mitigations while operators were told to review logs for attacker IPs.

Related Happenings

Oracle PeopleSoft PeopleTools zero-day RCE (CVE-2026-35273)

Vulnerability
H score58 First: 11.06.2026 22:39 Last: 11.06.2026 22:39 Sources 1

How related: Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks.

About this happening: **Oracle PeopleSoft PeopleTools** **CVE-2026-35273** is a critical **zero-day RCE** affecting **versions 8.61 and 8.62**. Oracle has released **emergency mitigations** while a pat...

Open Happening

Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave

Exploitation Wave
H score52 First: 26.03.2026 18:00 Last: 26.03.2026 18:00 Sources 1

About this happening: **Oracle WebLogic Server** systems faced a rapid **CVE-2026-21962** exploitation wave after public exploit code appeared, creating immediate **RCE risk** for exposed servers. The...

Open Happening

Madison Square Garden hit by network compromise linked to Cl0p

Incident
H score30 First: 02.03.2026 15:53 Last: 02.03.2026 15:53 Sources 1

About this happening: **Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...

Open Happening

Clop ransomware gang campaign expands across multiple victims

Campaign
H score62 First: 02.12.2025 14:55 Last: 02.12.2025 14:55 Sources 1

About this happening: A **Clop** extortion campaign is actively stealing data from **Oracle E-Business Suite** customers using **CVE-2025-61882**, putting multiple organizations at risk of theft and le...

Open Happening

Logitech International S. . hit by data theft breach linked to Clop

Incident
H score58 First: 15.11.2025 00:18 Last: 15.11.2025 00:18 Sources 1

About this happening: **Logitech** confirmed a **data breach** that exposed **limited employee, consumer, customer, and supplier data**, creating privacy and extortion risk even though **products and o...

Open Happening

Timeline

  1. 11.06.2026 22:39 1 articles · 2h ago

    ShinyHunters exploits Oracle PeopleSoft zero-day to steal data

    Exploitation Observed

    ShinyHunters exploited CVE-2026-35273 against Oracle PeopleSoft instances in a wave of data-theft attacks that left ransom notes, and the group said it used a gadget chain of old and zero-day flaws to breach the environments. The campaign allegedly stole data from 300 instances across more than 100 organizations.

    Show sources
    Open in new tab
  2. 11.06.2026 22:39 2 articles · 2h ago

    Oracle releases emergency mitigations for CVE-2026-35273 in PeopleSoft PeopleTools

    Mitigation Patch Update

    Oracle warned that CVE-2026-35273 in Oracle PeopleSoft PeopleTools is remotely exploitable without authentication, can lead to remote code execution, and affects PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. The company released emergency mitigations for the flaw and said a patch was coming soon.

    Show sources
    Open in new tab