Oracle warns of dangerous vulnerability affecting over 100 companies

Oracle Corporation has warned customers about a critical security flaw in its PeopleSoft software. This system is widely used by large companies for payroll and human resources management. The warning was issued one day after a cybercriminal group announced it had exploited this vulnerability as part of a mass hacking campaign. This is reported by Techcrunch.com .

The hacking group ShinyHunters claims to have successfully attacked over 100 organizations using PeopleSoft servers. Mandiant, a cybersecurity division owned by Google, has also confirmed this information. They stated that the newly discovered flaw in the Oracle system is the same vulnerability being used by the ShinyHunters group to target PeopleSoft customers.

Oracle has not yet released an official patch for this vulnerability. In its security advisory, the company noted that the flaw can be exploited remotely over the internet without any authentication or password. The technology giant is advising customers to take temporary measures to protect their systems.

This defect is being called a "zero-day" vulnerability because it was discovered and exploited by hackers before Oracle could fix it. According to Mandiant, most of the affected organizations are based in the US, with two-thirds of them being higher education institutions. While some organizations managed to stop the attack, others had their data stolen and published on the hackers' site.