Since the original Oracle PeopleSoft breach, cybersecurity authorities have issued multiple warnings about separate hacking campaigns: the FBI and CISA (Cybersecurity and Infrastructure Security Agency) have alerted organizations about Russian intelligence hackers targeting encrypted messaging apps like Signal and WhatsApp to steal account credentials, and warned of attacks on industrial monitoring systems. These new threats represent a shift in attacker focus from exploiting software vulnerabilities in enterprise systems to compromising personal communication channels and critical infrastructure.
A hacking group known as ShinyHunters has successfully exploited a zero-day vulnerability in Oracle PeopleSoft software to breach universities around the world. The security flaw, identified as CVE-2026-35273, allowed the attackers to access sensitive information from educational institutions without the organizations knowing about the weakness beforehand.
A zero-day vulnerability is a serious cybersecurity problem because it targets a flaw that software companies don't yet know exists. This means companies like Oracle haven't had time to create a fix, leaving computer systems completely unprotected. ShinyHunters took advantage of this situation to launch attacks on multiple universities, gaining unauthorized access to their networks and data.
The breach has caught the attention of major international authorities. The Council of Europe, which is an organization that promotes human rights and democracy among its member countries, announced it is investigating the data breach claims. This investigation signals how serious the situation has become and demonstrates that the attacks affected institutions across a wide geographic area, particularly in Europe.
Universities store enormous amounts of personal information about students, employees, and research data. When hackers breach university systems, they can access names, addresses, social security numbers, financial information, and confidential research projects. This type of stolen data can be used for identity theft, sold on dark web marketplaces, or used to cause harm to individuals and institutions.
The ShinyHunters group has demonstrated sophisticated hacking abilities by discovering and exploiting this Oracle software vulnerability before official security researchers could find it. This attack method is particularly dangerous because it affects numerous organizations that use PeopleSoft systems for managing student records, payroll, and other critical functions.
The incident highlights why cybersecurity experts constantly warn organizations about keeping their software updated and monitoring their networks for suspicious activity. Even with regular security updates, zero-day vulnerabilities present a challenge because they exist before fixes become available. Universities and other organizations must implement additional security measures like network monitoring and access controls to protect themselves against unknown threats.
As the Council of Europe continues its investigation, Oracle will likely develop and release patches to fix the vulnerability. In the meantime, universities and other affected organizations are working to secure their systems and notify users whose information may have been compromised by the ShinyHunters breach.