Mandiant and Google Threat Intelligence Group (GTIG) have issued an urgent warning about an active exploitation campaign targeting Oracle PeopleSoft infrastructure. The threat actor behind the campaign, tracked as UNC6240 and publicly known as ShinyHunters, exploited a critical zero-day remote code execution vulnerability, CVE-2026-35273 (CVSS 9.8), before Oracle published its security advisory on June 10, […]
The post Oracle PeopleSoft 0-Day RCE Flaw Under Active Exploitation by ShinyHunters appeared first on Cyber Security News.