{"id":15673,"date":"2026-06-12T23:16:26","date_gmt":"2026-06-12T23:16:26","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=15673"},"modified":"2026-06-12T23:16:27","modified_gmt":"2026-06-12T23:16:27","slug":"peoplesoft-0-day-affecting-lots-of-of-organizations-steals-gigabytes-of-knowledge","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=15673","title":{"rendered":"PeopleSoft 0-day affecting lots of of organizations steals gigabytes of knowledge"},"content":{"rendered":"<p> <br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2025\/12\/GettyImages-1867844462-1152x648.jpg\" \/><\/p>\n<p>One of many world\u2019s most energetic ransomware teams exploited a essential vulnerability in Oracle\u2019s PeopleSoft software program suite and used it to focus on about 100 clients and extort no less than one among them to pay up in alternate for not leaking stolen knowledge, researchers stated.<\/p>\n<p>The group, tracked as ShinyHunters, had been exploiting the PeopleSoft vulnerability for greater than two weeks earlier than Oracle <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/blogs.oracle.com\/security\/security-alert-cve-2026-35273-released\">flagged<\/a> it. CVE-2026-35273, because the vulnerability is tracked, carries a severity score of 9.8 out of 10, making the previous zero-day one of many 12 months\u2019s most important vulnerabilities to be exploited.<\/p>\n<p>Google\u2019s Mandiant safety group <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/shinyhunters-targets-education-sector-oracle-exploit\">stated<\/a> it\u2019s an SSRF (server-side request forgery), a vulnerability that enables attackers to ship requests from a prone server to programs utilized by the focused group. Oracle stated the SSRF is remotely exploitable, and the corporate has issued a stopgap mitigation however has but to totally patch the flaw. Google has confirmed that victims are receiving extortion calls for.<\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/arstechnica.com\/security\/2026\/06\/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data\/\">Learn full article<\/a><\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/arstechnica.com\/security\/2026\/06\/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data\/#comments\">Feedback<\/a><\/p>\n\n","protected":false},"excerpt":{"rendered":"<p>One of many world\u2019s most energetic ransomware teams exploited a essential vulnerability in Oracle\u2019s PeopleSoft software program suite and used it to focus on about 100 clients and extort no less than one among them to pay up in alternate for not leaking stolen knowledge, researchers stated. The group, tracked as ShinyHunters, had been exploiting [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":15675,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54],"tags":[3209,8217,157,9401,1027,1846,9393,3578],"class_list":["post-15673","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-news","tag-0day","tag-affecting","tag-data","tag-gigabytes","tag-hundreds","tag-organizations","tag-peoplesoft","tag-steals"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/15673","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15673"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/15673\/revisions"}],"predecessor-version":[{"id":15674,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/15673\/revisions\/15674"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/15675"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15673"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15673"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15673"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-06-15 11:21:02 UTC -->