Oracle warns of security bug that hackers abused to breach 100+ companies
8.1 relevance
Score Breakdown
technical depth 8
novelty 7
actionability 9
community 8
strategic 8
personal 9
Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.
Oracle security bug with active exploitation is highly actionable for engineers to patch.
Summary
Oracle disclosed a critical zero-day in PeopleSoft after ShinyHunters exploited it to breach over 100 organizations, primarily in higher education. The vulnerability requires no authentication and remains unpatched, with Mandiant confirming stolen data has been published. Oracle has only offered mitigations, not a fix, as the campaign mirrors prior ShinyHunters attacks on Salesforce and Instructure.