Oracle PeopleSoft Zero-Day Exploited by ShinyHunters in Data Theft Attacks

Oracle has warned customers about a critical PeopleSoft vulnerability that was exploited as a zero-day in attacks tied to ShinyHunters. The flaw is tracked as CVE-2026-35273 and affects Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. The vulnerability allows unauthenticated remote code execution over HTTP. The NVD entry gives it a CVSS 3.1 score of […] The post Oracle PeopleSoft Zero-Day Exploited by ShinyHunters in Data Theft Attacks appeared first on VPN Central.