IOC Radar
TLP:WHITE1 IOC

Oracle PeopleSoft Zero-Day Exploited in Ransomware Attacks, Warns CISA

CP
Cyber Press
Published June 17, 2026Original Report

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREunknownCAPABILITYCl0pGh0st RATVICTIMunknown
Adversary
Infrastructure
Capability(2)
Victim

Attack Flow5 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1190
1/5
Exploit Public-Facing Application
ActionExploit public-facing application
An unauthenticated remote attacker exploits a zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft Enterprise PeopleTools.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
CVECVE-2026-35273
exploitintel-blogmalware
Medium
58
Jun 12, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
CVE
CVE1Malware2REPORTOracle PeopleSoft Zero-DayCl0pGh0st RAT
scroll to zoom · drag to pan · click IOC to open