ATLAS · LIVE
ATLAS INDEX
Δ 24H
ACTIVE SOURCES20
HOTSPOTS20
TIME21:39:49 UTC
← All briefs
CRITICALCyber IntelligenceFriday, June 12, 2026

ShinyHunters Exploited Oracle Zero-Day Before Patch Disclosure

Extortion group breached universities via unpatched PeopleSoft flaw, stealing data for ransom during two-week window before Oracle's advisory.

The extortion crew known as ShinyHunters exploited an unpatched vulnerability in Oracle PeopleSoft to breach enterprise systems and steal data between May 27 and June 9. Oracle did not publish an advisory for the flaw—tracked as CVE-2026-35273—until June 10, leaving organizations exposed during the active exploitation window.

Google's Mandiant attributes the campaign to UNC6240, a group it associates with ShinyHunters. Universities bore the brunt of the intrusions. The attackers exfiltrated data and demanded payment to prevent its release, following the group's established extortion model.

The timing gap between exploitation and vendor disclosure underscores the risk window organizations face when zero-day flaws reach active use before patches exist. PeopleSoft is deployed widely across higher education and enterprise environments for human resources, finance, and student administration.

The rest of this brief is inside the platform

Continue reading. Free.

A free Atlas account unlocks the full briefing, the co-analyst, daily delivery to your inbox, and a sector-personalised feed.

Full brief
Implications, sources, methodology
Co-Analyst
Ask follow-ups on every brief
Sector feed
Briefs filtered to what matters to you
Implications
  • 01Universities running PeopleSoft face heightened data breach and extortion risk
  • 02Enterprises must assess exposure to CVE-2026-35273 and patch immediately
  • 03Oracle customers may question disclosure timelines when zero-days are actively exploited
Source
The Hacker News
https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.
#oracle#peoplesoft#zero-day#shinyhunters#extortion#universities
Related Briefs