The Vulnerability

In a significant cybersecurity incident, hackers have exploited a serious zero-day vulnerability identified in Oracle’s software, classified as CVE-2026-35273. This vulnerability has led to a surge of attacks targeting various organizations. Security experts have connected a group known as UNC6240 to this exploitation. This group reportedly employs methods and infrastructure that parallel those utilized by the ShinyHunters extortion ecosystem. Essentially, these threat actors have actively searched for vulnerable PeopleSoft Environment Management Hubs accessible online. Through automated scripts, they have gained unauthorized access without the need for a password. Once inside, they cleverly integrated remote access tools within the networks, masquerading them as legitimate cloud services to facilitate the covert exfiltration of vital company data.

Who is Affected

The automotive sector is reeling from this breach, with Nissan Americas officially confirming it has fallen prey to these malicious attacks. In a data breach notification submitted to state regulatory bodies, including the California Attorney General’s Office, Nissan disclosed that its human resources systems had been systematically compromised. As per Nissan’s disclosure letters, the company was informed by Oracle about the ongoing compromises of PeopleSoft instances affecting hundreds of organizations worldwide. The filings revealed that the breach exposed sensitive data across Nissan’s operations in the United States, Canada, Mexico, and Brazil. This included critical records such as employee names, banking details, financial and tax documents, as well as national identification information like Social Security and Social Insurance numbers. The breadth of the data compromised paints a troubling picture of the impact this breach could have on the trust and security within the automotive industry as well as among its employees.

Author Notes

The Oracle Security Alert Advisory regarding CVE-2026-35273 was published on June 10, 2026. It details the vulnerability and its implications, highlighting the urgency for organizations using Oracle software to address these security risks swiftly. Additionally, Nissan Americas has filed data breach notification letters with the California Department of Justice, notifying affected parties of the compromised data as presented in their submissions issued in June 2026.

About the Authors

The analysis presented in this article is articulated by Carmen Estela, a Cybersecurity Research Analyst at Cyber Defense Magazine and a candidate for the Women in Cybersecurity Award. Carmen earned her Master’s of Science degree from the University of Central Florida and holds a Bachelor’s degree in Criminology from the University of Florida. Alongside her academic achievements, she boasts certifications in Data Analytics and AI Fundamentals. Carmen is active in the cybersecurity community, frequently speaking and volunteering at prominent industry gatherings such as BSides Orlando and BSides Jax, where she shares her insights on emerging cyber threats. Her commitment extends to improving the governance, risk management, and compliance standards in cybersecurity. Moreover, she brings a diverse background, having worked as an adult protective investigator, police dispatcher, and legal intern, enabling her to apply investigative skills across various sectors including law enforcement and public service.

For more information, she can be reached online at [email protected].