Instructure

Company

Last mentioned: 16h ago

Timeline

  1. Google/Mandiant publish findings

    Google’s threat intelligence blog details the campaign, attribution, and sector impact.

  2. Oracle issues security advisory

    Oracle publishes a patch and advisory for the PeopleSoft vulnerability, closing the zero-day window.

  3. Campaign window closes

    Last observed exploitation activity before Oracle issues its advisory.

  4. Campaign begins

    ShinyHunters starts active scanning and exploitation of the Oracle PeopleSoft zero-day.

Stories mentioning Instructure 1

threat-intel Bearish

68% of Targets in Education: ShinyHunters Exploit Oracle Zero-Day Before Patch

An active extortion campaign by ShinyHunters exploited a zero-day vulnerability in Oracle PeopleSoft, with Google notifying over 100 organizations—68% in higher education. The attackers used customized MeshCentral agents for C2, actions occurring before Oracle’s June 10 advisory. This highlights the growing threat of zero-day exploitation in widely used enterprise software and the education sector’s vulnerability.

2 sources