Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

Jun 12, 2026 2:02 PM

Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-day

ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran […]

First seen on securityaffairs.com

Jump to article: securityaffairs.com/193543/cyber-crime/oracle-peoplesoft-rce-flaw-used-as-zero-day-in-ongoing-shinyhunters-campaign.html

also interesting:

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Oracle PeopleSoft Zero-Day RCE Vulnerability Exploited by ShinyHunters

Collecting Cyber-News from over 60 sources

X
LinkedIn
RSS Feed
Mail

Here I provide a database that gathers and curates the latest news on Cybersecurity. Being well-informed is the key to successfully respond on security threats.

Imprint | Privacy Policy | Contact