Storia in 9 fonti

Falla critica CVSS 9.8 in Oracle PeopleSoft: ShinyHunters sfrutta lo zero-day per 14 giorni

ShinyHunters ha sfruttato come zero-day CVE-2026-35273, una vulnerabilit� critica (CVSS 9.8) in Oracle PeopleSoft sfruttabile senza autenticazione, colpendo oltre 100 organizzazioni in 14 giorni. Oracle non ha ancora rilasciato una patch

Raccontata dasecurityweek.comthenextweb.combleepingcomputer.comtechcrunch.comthehackernews.combenzinga.comedge9.hwupgrade.itarstechnica.comdarkreading.com

Confronto fonti

6 prospettive sulla stessa storia

AI · summaries

edge9.hwupgrade.itStai leggendo7 h fa

Falla critica CVSS 9.8 in Oracle PeopleSoft: ShinyHunters sfrutta lo zero-day per 14 giorni

ShinyHunters ha sfruttato come zero-day CVE-2026-35273, una vulnerabilit� critica (CVSS 9.8) in Oracle PeopleSoft sfruttabile senza autenticazione, colpendo oltre 100 organizzazioni in 14 giorni. Oracle non ha ancora…

originale

thenextweb.com1 g fa

ShinyHunters breached 100+ companies through an unpatched Oracle PeopleSoft zero-day

ShinyHunters exploited Oracle PeopleSoft zero-day (CVE-2026-35273) to breach 100+ organizations, mostly universities, with no available patch. For IT managers, this breach signals industrialized exploitation of enterprise software; immediate risk before patch becomes available.

Leggi questa versione → originale

securityweek.com14 h fa

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

PeopleSoft vulnerability mitigated by Oracle this week has been exploited by ShinyHunters as a zero-day to steal data from organizations.

Leggi questa versione → originale

bleepingcomputer.com1 g fa

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks

Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks.

Leggi questa versione → originale

thehackernews.com1 g fa

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering extortion attacks.

Leggi questa versione → originale

arstechnica.com1 h fa

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

Vulnerability in the Oracle-owned PeopleSoft software is about as critical as they come.

Leggi questa versione → originale

Timeline cronologica

1. giovedì 11 giugno 2026·securityweek.com
   

   Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

   Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ShinyHunters.

2. giovedì 11 giugno 2026·thenextweb.com
   

   ShinyHunters breached 100+ companies through an unpatched Oracle PeopleSoft zero-day

   ShinyHunters exploited CVE-2026-35273 (CVSS 9.8) to breach 100+ organisations using Oracle PeopleSoft. Two-thirds are universities. No patch exists yet.

3. giovedì 11 giugno 2026·bleepingcomputer.com
   

   Oracle mitigates PeopleSoft zero-day exploited in data theft attacks

   Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively…

4. giovedì 11 giugno 2026·techcrunch.com
   

   Oracle warns of security bug that hackers abused to breach 100+ companies | TechCrunch

   The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign. Google said it notified more than 100 organizations that…

5. giovedì 11 giugno 2026·thehackernews.com
   

   ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

   Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering extortion attacks.

6. venerdì 12 giugno 2026·securityweek.com
   

   Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

   PeopleSoft vulnerability mitigated by Oracle this week has been exploited by ShinyHunters as a zero-day to steal data from organizations.

7. venerdì 12 giugno 2026·benzinga.com
   

   Google Sounds Alarm On Active Oracle PeopleSoft Zero-Day Attacks Linked To ShinyHunters - Alphabet (NASDA

   Google warned of a ShinyHunters extortion campaign exploiting an Oracle PeopleSoft zero-day flaw affecting over 100 organizations.

8. venerdì 12 giugno 2026·edge9.hwupgrade.it
   

   Falla critica CVSS 9.8 in Oracle PeopleSoft: ShinyHunters sfrutta lo zero-day per 14 giorni

   ShinyHunters ha sfruttato come zero-day CVE-2026-35273, una vulnerabilit� critica (CVSS 9.8) in Oracle PeopleSoft sfruttabile senza autenticazione, colpendo oltre 100…

9. venerdì 12 giugno 2026·arstechnica.com
   

   PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

   Vulnerability in the Oracle-owned PeopleSoft software is about as critical as they come.

10. venerdì 12 giugno 2026·darkreading.com
    

    ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

    A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.