Oracle is sounding the alarm about a critical vulnerability in its PeopleSoft Suite that has been actively exploited in a series of high-profile data theft attacks.

The Zero-Day Vulnerability

CVE-2026-35273, a zero-day vulnerability, allows unauthenticated remote code execution, making it extremely difficult for organizations to defend against without timely patching and monitoring.

This flaw has been tracked by researchers and security experts, who have identified its exploitation in ShinyHunter data theft attacks.

ShinyHunter Data Theft Attacks

The ShinyHunter group, known for their sophisticated and targeted attacks, has been using the CVE-2026-35273 zero-day vulnerability to breach PeopleSoft databases and steal sensitive information.

According to researchers, the attackers are using a combination of social engineering tactics and exploit kits to gain access to the vulnerable systems.

Risk to Organizations

Oracle is urging organizations that use PeopleSoft Suite to take immediate action to patch the vulnerability and monitor their systems for signs of exploitation.

The company has released an out-of-band patch for the affected version of the software, but it is essential for organizations to apply the fix as soon as possible to prevent potential data breaches.

Cautionary Measures

To mitigate the risk of being targeted by ShinyHunter or similar attacks, organizations should consider implementing additional security measures, such as:

  • Regularly updating and patching PeopleSoft Suite to the latest version.
  • Implementing web application firewalls (WAFs) to detect and block suspicious traffic.
  • Conducting regular vulnerability assessments and penetration testing.
  • Providing employee training on security best practices and awareness of phishing and social engineering attacks.

Conclusion

Oracle’s warning highlights the importance of timely patching and monitoring in preventing data theft attacks. Organizations must take proactive steps to address this critical vulnerability and remain vigilant against emerging threats.”

For more information on Oracle’s recommendations for mitigating CVE-2026-35273, please visit Oracle’s official support page.