ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit

ShinyHunters exploited a zero-day Oracle PeopleSoft vulnerability (CVE-2026-35273) between May 27 and June 9, 2026, targeting the education sector. This allowed them to steal data and publish it on their Data Leak Site. Organizations running Oracle PeopleSoft should take immediate action to defend themselves. Remediation and hardening guidance is available.