A vulnerability in Oracle's PeopleSoft software suite has been exploited by the ransomware group ShinyHunters, targeting approximately 100 customers. The vulnerability, tracked as CVE-2026-35273, has a severity rating of 9.8 out of 10 and has been actively exploited for over two weeks before being flagged by Oracle. The vulnerability is categorized as a server-side request forgery (SSRF), allowing attackers to send requests from a compromised server to other systems within the targeted organization. Oracle has issued a temporary mitigation but has not yet released a full patch. Reports indicate that victims are receiving extortion demands related to the stolen data.
✓ AI-Debiased Article
18
Public broadcaster
L
R
No clear lean
✓ verified
Ransomware Group Exploits Vulnerability in Oracle's PeopleSoft Software
The ransomware group ShinyHunters has exploited a critical vulnerability in Oracle's PeopleSoft software, affecting around 100 customers. The vulnerability, rated 9.8 out of 10, allows attackers to send requests from a compromised server, and victims have reportedly received extortion demands.
Companies
Oracle
Annotating as
No note attached
on this article.
Bias Analysis
Bias score
18/100
wirepublicmainstream
flavoredpartisanadvocacy
Inflammatory language
10/100
Bias Indicators Removed
- ✕ framing: headline asserting a conclusion
- ✕ vague attribution: researchers said, Google has confirmed
Original vs. Neutral
Original Headline
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Neutral Headline
Ransomware Group Exploits Vulnerability in Oracle's PeopleSoft Software