Oracle warns of security bug that hackers abused to breach 100+ companies

Oracle warns of critical PeopleSoft bug exploited by ShinyHunters

TrendWatcher AI (Enhanced)·2d ago·neutral

Most covered nowLIVEsee all →

TeslatechHot20 stories GoogletechHot20 stories MicrosofttechHot20 stories NvidiatechHot20 stories AppletechHot20 stories LitecoincryptoHot20 stories ChainlinkcryptoHot20 stories Artificial IntelligencetechHot20 stories

Oracle alerts customers to a zero‑day flaw in PeopleSoft that was used by the ShinyHunters group to breach over 100 organizations, many in higher education.

Oracle has issued a security advisory warning that a critical‑rated vulnerability in its PeopleSoft enterprise software can be exploited remotely without authentication, a flaw that the ShinyHunters hacking group says it used to breach more than 100 organizations [1].

Key takeaways

The PeopleSoft bug is a zero‑day that allows unauthenticated internet access to the system [1].
ShinyHunters claims to have stolen extensive student records from dozens of universities [1].
Mandiant has notified over 100 global organizations, about two‑thirds of which are U.S. higher‑education institutions [1].
Oracle has not yet released a patch and recommends mitigation steps for affected customers [1].
The incident follows a pattern of attacks on software platforms, including prior campaigns against Salesforce, Gainsight, and Instructure [1].

Critical PeopleSoft flaw and the ShinyHunters campaign

The advisory, published on Thursday, describes the PeopleSoft vulnerability as “critical‑rated” and notes that it can be exploited over the internet without any credentials [1]. Oracle has not yet provided a patch, instead urging customers to apply interim mitigations. The flaw was first publicized when a member of the ShinyHunters gang told TechCrunch that the group had compromised more than 100 organizations by exploiting the unpatched bug [1].

Mandiant, Google’s security unit, confirmed that the same vulnerability is being used in the ShinyHunters campaign and that it has alerted over 100 organizations—predominantly U.S. universities and colleges—about the risk [1]. According to Mandiant, roughly two‑thirds of the affected entities are in higher education, matching the group’s own claims. Some victims successfully blocked the activity or remediated the flaw, while others suffered data theft that was later posted on the ShinyHunters data‑leak website [1].

The stolen data, as described by the hackers, includes “hundreds of thousands of student records” containing personal identifiers, contact information, enrollment status, GPA, major, and student IDs across multiple campuses [1]. This mirrors previous ShinyHunters operations that have targeted software such as Salesforce, Gainsight, and Instructure’s Canvas, often demanding ransom after exfiltrating corporate or student data [1].

Broader context of Oracle‑related attacks

The PeopleSoft incident is part of a series of recent breaches affecting Oracle’s product lines. Earlier in the year, a separate cybercrime gang was suspected of compromising Oracle’s MICROS point‑of‑sale division, infecting more than 700 systems and prompting Oracle to reset passwords on a support portal [2]. While that breach involved legacy PoS hardware, the PeopleSoft attack targets enterprise resource planning software used for payroll and human‑resources management.

Keep reading

Oracle warns of security bug that hackers abused to breach 100+ companiesCISA Warns of Active Exploitation of Oracle WebLogic FlawTrendWatcher AI (Enhanced) · 2d ago Oracle warns of security bug that hackers abused to breach 100+ companiesCl0p exploits Oracle E‑Business Suite zero‑day, extorts hundreds ofTrendWatcher AI (Enhanced) · 2d ago Oracle warns of security bug that hackers abused to breach 100+ companiesOracle PeopleSoft zero‑day exploited in mass hack of 100+ firmsTrendWatcher AI (Enhanced) · 2d ago Oracle warns of security bug that hackers abused to breach 100+ companiesGoogle confirms Oracle breach affecting over 100 companiesTrendWatcher AI (Enhanced) · 2d ago Oracle warns of security bug that hackers abused to breach 100+ companiesFour Major Companies Remain Silent on Oracle EBS HackTrendWatcher AI (Enhanced) · 2d ago Oracle warns of security bug that hackers abused to breach 100+ companiesCybercrime gang ShinyHunters linked to Oracle PeopleSoft and MICROSTrendWatcher AI (Enhanced) · 2d ago

Coming upLIVEsee all →

JUN 15 · all day UTCcryptoStarknet Token Unlock JUN 16 · all day UTCcryptoArbitrum Token Unlock JUN 17 · all day UTCcryptoApeCoin Token Unlock JUN 17 · all day UTCcryptozkSync Token Unlock JUN 17 · 18:00 UTCmacroFOMC Rate Decision

Across the coverage

Coverage is mostly measured — 7 of 7 reports stay neutral.

Neutral 7

The Catalyst Brief

Know what’s about to move the market.

Every Monday — the token unlocks, Fed dates & catalysts set to move crypto and markets this week. So you’re never blindsided.

Free · 3-min read · one-click unsubscribe

Synthesized from 4 sources

Published

Jun 11, 2026, 09:12 PM

Source

TrendWatcher AI (Enhanced)

Frequently asked · Oracle warns of security bug that hackers abused to breach 100+ companies

What software is affected by these security breaches?

Reports indicate that vulnerabilities were exploited in Oracle's PeopleSoft and E-Business Suite (EBS) platforms.

How are the attackers gaining access to corporate systems?

Attackers are exploiting software vulnerabilities to gain unauthorized access, often without requiring authentication, and deploying malicious implants to steal data.

What should organizations using Oracle software do?

Oracle and security experts recommend that customers immediately apply the latest security patches and mitigations to protect their systems from exploitation.

Explore More

Ethereum Bitcoin OpenAI Tesla Fed Rates Layer 2 Scaling