{"id":732973,"date":"2026-06-12T14:40:21","date_gmt":"2026-06-12T11:40:21","guid":{"rendered":"https:\/\/buradabiliyorum.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/"},"modified":"2026-06-12T14:40:21","modified_gmt":"2026-06-12T11:40:21","slug":"oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/","title":{"rendered":"Oracle warns of security bug that hackers abused to breach 100+ companies"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a5056df08f40\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a5056df08f40\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/#Contact_Us\" >Contact Us<\/a><\/li><\/ul><\/nav><\/div>\n<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign.<\/p>\n<p class=\"wp-block-paragraph\">The company <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.oracle.com\/security-alerts\/alert-cve-2026-35273.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">published the security advisory<\/a> on Thursday after the hacking group ShinyHunters claimed to have breached more than 100 organizations that use PeopleSoft servers.<\/p>\n<p class=\"wp-block-paragraph\">Mandiant, the Google-owned security unit that investigates cyberattacks, <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/shinyhunters-targets-education-sector-oracle-exploit\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">warned in a blog post<\/a> that the new Oracle flaw is the same bug that the ShinyHunters group is abusing in its hacking campaign targeting PeopleSoft customers.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Oracle, which has not released a patch for the vulnerability at the time of writing, said in the advisory that the bug can be exploited over the internet without needing any authentication, such as a password.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">The tech giant recommended that customers who use PeopleSoft software <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ly its mitigations to prevent exploitation.<\/p>\n<p class=\"wp-block-paragraph\">On Wednesday, a ShinyHunters member told TechCrunch that the gang compromised the companies by abusing an unpatched flaw in PeopleSoft servers. The bug is known as a zero-day because the company affected, in this case Oracle, had no time to fix it before it was discovered and exploited.<\/p>\n<p class=\"wp-block-paragraph\">Mandiant confirmed that it has also notified more than \u201c100 global organizations,\u201d most of them in the United States, in an effort to restrict access to their potentially vulnerable systems. The cybersecurity group said that about two-thirds of these organizations are in higher education, which aligns with what ShinyHunters previously claimed.<\/p>\n<p class=\"wp-block-paragraph\">\u201cWhile several organizations successfully blocked the activity or re<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>ted the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters [Data Leak Website],\u201d Mandiant wrote.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Oracle did not respond to TechCrunch\u2019s request for comment.\u00a0<\/p>\n<div class=\"article-block block--callout block--right has-green-500-background-color\">\n<h4 class=\"block--callout__title\"><span class=\"ez-toc-section\" id=\"Contact_Us\"><\/span>Contact Us<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\t\t\tDo you have more information about this hacking campaign? Or other data breaches? We\u2019d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.\t\t<\/p><\/div>\n<p class=\"wp-block-paragraph\">The ShinyHunters member told TechCrunch this week that some of the hacked organizations are universities and colleges. <\/p>\n<p class=\"wp-block-paragraph\">The hacker shared a message they said was sent to one of the victim schools, in which the hackers claimed to have stolen \u201chundreds of thousands of student records containing full name, home address, phone, email, date of birth, gender, ethnicity, enrollment status, GPA, major, and student ID across all campuses,\u201d among other data.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">PeopleSoft, and its customers, are the latest victims in a long <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">series<\/a> of hacking campaigns where the ShinyHunters gang targeted organizations that all share the same vulnerable software.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">In the last year, the group targeted several companies that use Salesforce and Gainsight, as well as software provided by education giant Instructure, and among others.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Once the hackers identify vulnerable software and companies that use it, they try to steal corporate or customer data and then threaten to release it unless the victims pay a ransom.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Earlier this year, education tech company Instructure said it paid the hackers after they breached the company\u2019s systems twice. As part of the hacking campaign, ShinyHunters defaced the login pages of several schools that use Instructure\u2019s popular school information portal Canvas.<\/p>\n<\/div>\n<p><em>When you purchase through links in our articles, we may earn a small commission. This doesn\u2019t affect our editorial independence.<\/em><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" target=\"_blank\" >Technology<\/a><\/span> category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2026\/06\/11\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign. The company published the security advisory on Thursday after the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":732974,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2026\/06\/oracle-logo-nyse.jpg?resize=1200,800","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[76978,72458,70944,70513,70636,72287,159716],"class_list":["post-732973","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-cybercrime","tag-data-breach","tag-hackers","tag-hacking","tag-oracle","tag-security","tag-shinyhunters"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/732973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=732973"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/732973\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/732974"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=732973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=732973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=732973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}