Nissan – ShinyHunters Turn an Oracle Zero-Day into a Payroll Nightmare
Tech Talks With Kinsoft por Steven Kinnas
Notas del episodio
The Oracle PeopleSoft campaign we've been tracking just claimed a big-name victim. Nissan has disclosed that employee data across the Americas — potentially including bank details, Social Security and national ID numbers — was stolen when the extortion crew ShinyHunters exploited a critical PeopleSoft zero-day. We break down CVE-2026-35273, the two-week window when attackers were inside before a patch even existed, why HR and ERP systems are crown-jewel targets, and the smart, concrete fraud controls Nissan put in place afterwards.
Do you know what's exposed on your internet-facing enterprise apps? Visit www.kinsoft.com.au to talk through your security and IT needs.
Sources: BleepingComputer; The Register; The Hacker News; Google/Mandiant. ...