Oracle has issued an emergency security advisory for a critical vulnerability in its PeopleSoft enterprise software that allows unauthenticated remote code execution, affecting versions 8.61 and 8.62 of the widely-used business management suite. The alert comes as the notorious ShinyHunters hacking group reportedly exploited this and other flaws to breach over 300 PeopleSoft instances across more than 100 organizations, with the education sector particularly hard hit, including a confirmed breach at the University of Nottingham. Oracle has released mitigation guidance rather than a full patch and is urging organizations to implement the fixes immediately, though the company has not explicitly confirmed zero-day exploitation despite security researchers warning about active attacks.