ShinyHunters claims Oracle PeopleSoft 0-day hit 100+ orgs

https://image.theregister.com/5254486.jpg?imageId=5254486&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day

University of Nottingham is first of many, Shiny tells The Reg

Data theft and extortion group ShinyHunters claims to have exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 vulnerable instances.

A spokesperson for the cybercrime crew on Thursday told The Register that they exploited CVE-2026-35273 to break into the university’s PeopleSoft system and steal 40 GB of personal data and billing records belonging to hundreds of thousands of current and former students.

ShinyHunters posted the UK university on its data leak site on Tuesday before publishing the stolen files later that same day, presumably because the school refused to pay the extortion demand.

“University of Nottingham on our leak site is one of the first publicly confirmed incidents,” a ShinyHunters spokesperson told us....

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more

https://cdn1.expresscomputer.in/wp-content/uploads/2023/11/27202631/ec-cybersecurity-cybercrime-internet-750.jpg

CloudSEK and Tech Mahindra announce partnership to enable predictive, regulation-ready cybersecurity at scale

CloudSEK announced a partnership with Tech Mahindra. The partnership will deliver AI-driven threat intelligence, attack surface monitoring, AI attack surface monitoring, and digital risk protection solutions globally. Evolving cybersecurity regulations are driving enterprises to strengthen risk visibility, accelerate incident response, and enhance compliance readiness. Regulatory and national cybersecurity frameworks such