[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fv1hr-43hLuDJHutDSdNClGjxkNwfdNZCGMY7I6itmdI":3},{"article":4,"iocs":51},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":29,"category":30,"article_tags":33},"a16c00b0-3591-4f57-9e0f-f3af188e710f","Unit 42 is tracking the active targeting of Oracle PeopleSoft servers by Bling Libra (aka #ShinyH...","unit-42-is-tracking-the-active-targeting-of-oracle-peoplesoft-servers-by-bling-l-641dd0","Unit 42 is tracking the active targeting of Oracle PeopleSoft servers by Bling Libra (aka #ShinyHunters). Our analysis reveals suspected exploitation of RCE flaw CVE-2026-35273 and primary targeting of the education sector since at least late May 2026. https:\u002F\u002Ft.co\u002FiqZD1gScan https:\u002F\u002Ft.co\u002FEijtGPBCs2","Palo Alto Networks' Unit 42 is tracking the Bling Libra threat actor, also known as #ShinyHunters, for actively targeting Oracle PeopleSoft servers. The group is suspected of exploiting the RCE vulnerability CVE-2026-35273. Since at least late May 2026, the primary sector targeted has been education.","Bling Libra targets Oracle PeopleSoft servers using RCE flaw CVE-2026-35273.",null,"https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2065512743466078245","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHKos4JeXIAAeCOW.jpg","2026-06-12T19:13:08+00:00","2026-06-12T20:00:11.822301+00:00",8,[18,21,23,26],{"name":19,"type":20},"Bling Libra","threat_actor",{"name":22,"type":20},"#ShinyHunters",{"name":24,"type":25},"Oracle PeopleSoft","product",{"name":27,"type":28},"Oracle","vendor","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":29,"icon":11,"name":31,"slug":32},"Threat Intelligence","threat-intelligence",[34,39,44,49],{"category":35},{"id":36,"icon":11,"name":37,"slug":38},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":40},{"id":41,"icon":11,"name":42,"slug":43},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":45},{"id":46,"icon":11,"name":47,"slug":48},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":50},{"id":29,"icon":11,"name":31,"slug":32},[52],{"type":53,"value":54,"context":55},"cve","CVE-2026-35273","Exploited RCE vulnerability"]