Tag: oracle
-
Oracle patches E-Business suite targeted by Cl0p ransomware
Oracle pushes a patch for a dangerous zero-day under active exploitation by one of the most notorious ransomware gangs around. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632397/Oracle-patches-E-Business-suite-targeted-by-Cl0p-ransomware
-
FBI, UK Gov’t urge orgs to patch Oracle E-Business vuln after alleged Clop campaign
FBI Assistant Director Brett Leatherman said “this is ‘stop-what-you’re-doing and patch immediately’ vulnerability.” First seen on therecord.media Jump to article: therecord.media/fbi-uk-urge-orgs-to-patch-after-clop-campaign
-
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/clop-ransomware-oracle-customers-zero-day-flaw
-
Cl0p nutzt Schwachstelle bei Oracle aus
Tags: authentication, breach, bug, business, cve, cvss, cyberattack, exploit, linkedin, mail, mandiant, oracle, update, vulnerability, zero-dayDie Cl0p-Bande nutzt Zero-Day-Schwachstelle bei Oracle für Cyberattacken aus.Oracle hat ein Notfall-Update veröffentlicht, um eine kritische Sicherheitslücke in seiner E-Business Suite (EBS) zu beheben. Das Leck mit Kennung CVE-2025-61882 hat einen CVSS-Score von 9,8 und wurde bereits bei der jüngsten Welle von Cl0p zum Diebstahl von Daten ausgenutzt.Die Sicherheitslücke betrifft einen nicht näher bezeichneten Fehler,…
-
CVE-2025-61882 Mass Exploitation, Oracle E-Business Suite (EBS) Under Attack by Cl0p Ransomware
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2025-61882-mass-exploitation-oracle-e-business-suite-ebs-under-attack-by-cl0p-ransomware
-
Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data
Oracle fixes another security flaw that Clop hackers were using to steal sensitive personal information about executives as part of a mass-extortion campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/06/clop-hackers-caught-exploiting-oracle-zero-day-bug-to-steal-executives-personal-data/
-
Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day
Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/extortion-campaign-oracle-e-business-suite-zero-day/802123/
-
Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch
Oracle is linking a recent data extortion campaign targeting E-Business Suite customers to a zero-day vulnerability, with fixes released to address the critical-severity flaw, in contrast to its previous contention that the attacks resulted from unpatched known vulnerabilities. First seen on crn.com Jump to article: www.crn.com/news/security/2025/oracle-now-says-critical-zero-day-flaw-behind-data-extortion-attacks-releases-patch
-
Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
Oracle fixed a critical flaw (CVE-2025-61882, CVSS 9.8) in E-Business Suite that is actively exploited by Cl0p cybercrime group. Oracle released an emergency patch to address a critical vulnerability, tracked as CVE-2025-61882 (CVSS 9.8) in its E-Business Suite. >>Updated [10/04/2025]: Oracle has issued Oracle Security Alert Advisory CVE-2025-61882 to provide updates against additional potential exploitation that were discovered during our investigation.
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
Clop crew hits Oracle E-Business Suite users with fresh zero-day
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion First seen on theregister.com Jump to article: www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/
-
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks.The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise…
-
PoC Released for Remotely Exploitable Oracle E-Business Suite 0-Day
Tags: business, cyber, cybersecurity, detection, hacker, oracle, remote-code-execution, threat, vulnerability, zero-dayOracle has issued an urgent security alert for a critical zero-day vulnerability affecting Oracle E-Business Suite that allows remote code execution without authentication. The vulnerability, tracked as CVE-2025-61882, has now received public proof-of-concept detection capabilities from cybersecurity researcher rxerium. Illustration showing a hacker and icons representing cyber threats with a caption about the $10.5 trillion economic…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
Oracle patches EBS zero-day exploited in Clop data theft attacks
Tags: attack, business, data, exploit, flaw, oracle, remote-code-execution, theft, vulnerability, zero-dayOracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/
-
Cybervorfälle: Asahi, Bonify, Renault Dacia, Oracle, Salesforce
Ich fasse mal einige neue Informationen über Ransomware-Infektionen, Datenlecks bzw. solche Vorfälle zusammen. Der Cyberangriff auf den japanischen Bierbrauer Asahi war Ransomware. Dann sind Daten bei Bonify, Dacia und Renault abgeflossen. Oracle hatte die Clop-Ransomware in den Systemen und eine … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/05/cybervorfaelle-asahi-bonify-renault-dacia-oracle-salesforce/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-flaws-oracle-ebs/
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…

