A cybersecurity incident is affecting universities across the country after hackers discovered a serious weakness in widely-used business software. The ShinyHunters group has been using a zero-day vulnerability—a security flaw that was unknown to the public and software makers—to break into Oracle PeopleSoft systems at educational institutions.
Oracle PeopleSoft is enterprise software that universities use to manage student records, payroll, finances, and other important data. The vulnerability, tracked as CVE-2026-35273, gives attackers the ability to access systems without proper authorization. According to multiple cybersecurity reports, ShinyHunters discovered this weakness before Oracle was aware of it, which is why it's called a zero-day flaw.
Google has confirmed that the ShinyHunters group is actively exploiting this vulnerability to breach university systems. This confirmation adds significant credibility to the reports and indicates that the threat is real and ongoing. Multiple universities have been targeted in what security experts are describing as a widespread campaign against the higher education sector.
Oracle has responded to these reports by addressing the vulnerability and releasing security information to help organizations protect themselves. The company acknowledged the exploitation while working to develop and distribute patches that would fix the flaw. Universities and other organizations using PeopleSoft have been advised to update their systems immediately to prevent further breaches.
This incident highlights an important cybersecurity concern: zero-day vulnerabilities are particularly dangerous because software makers and security companies haven't had time to develop protections. Hackers who find these flaws first can attack many targets before defenses are available. Universities are attractive targets for cybercriminals because they store vast amounts of personal information about students, faculty, and staff, including social security numbers, financial data, and medical records.
The attack demonstrates why organizations must maintain strong security practices beyond just installing software updates. Security experts recommend that universities and other institutions regularly monitor their networks for suspicious activity, limit who has access to sensitive systems, and have emergency response plans ready in case of a breach.
For students and employees at affected universities, the breach may expose personal information. Institutions are expected to notify individuals whose data was compromised and offer identity protection services. This incident serves as a reminder that no system is completely secure, and organizations must stay vigilant against both known and unknown security threats.