CVE-2025-35273

🔴 ShinyHunters exploits Oracle PeopleSoft 0-day (CVSS 9.8) targeting 100+ organizations

Ransomware group ShinyHunters exploited CVE-2025-35273, a critical server-side request forgery vulnerability in Oracle PeopleSoft, for more than two weeks before Oracle disclosed it. The group targeted roughly 300 endpoints across 100 organizations, with about 68 percent in higher education. ShinyHunters extorted at least one victim and published gigabytes of stolen data after compromising the University of Nottingham. • Vulnerability rated 9.8 out of 10 severity; remotely exploitable • Exploitation began May 27; Oracle has issued stopgap mitigation but no full patch