Tag: oracle
-
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat…
-
Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach, which occurred on July 10, 2025, went undetected for nearly 3.5 months before being discovered on October 27, 2025. Scope of the Incident According to breach notifications filed…
-
UK NHS Named in Clop Gang’s Exploits of Oracle Zero-Days
British Health System Investigates Claim Amid Wave of Enterprise Data Thefts. Ransomware gang Clop has claimed the United Kingdom’s National Health Service among its latest victims. The NHS confirmed that it is listed on a cybercriminal group’s dark website, but did not comment on Clop’s claims. The hack attack appears tied to Oracle E-Business Suite…
-
Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. First seen on cyberscoop.com Jump to article: cyberscoop.com/washington-post-oracle-clop-attacks/
-
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
-
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
-
Extra, extra, read all about it: Washington Post clobbered in Clop caper
Tags: oracleNearly 10,000 staff and contractors warned after attackers raided newspaper’s Oracle EBS setup First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/washington_post_clop/
-
NDSS 2025 MALintent: Coverage Guided Intent Fuzzing Framework For Android
Tags: android, api, conference, framework, google, Internet, network, open-source, oracle, privacy, vulnerabilitySESSION Session 2D: Android Security 1 Authors, Creators & Presenters: Ammar Askar (Georgia Institute of Technology), Fabian Fleischer (Georgia Institute of Technology), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara), Taesoo Kim (Georgia Institute of Technology) PAPER MALintent: Coverage Guided Intent Fuzzing Framework for Android Intents are the primary…
-
Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers
The digital engineering services firm said human resources data on nearly 10,500 current and former employees was exposed. First seen on cyberscoop.com Jump to article: cyberscoop.com/globallogic-oracle-clop-attacks/
-
Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach
Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882. First seen on hackread.com Jump to article: hackread.com/cl0p-ransomware-nhs-uk-washington-post-breach/
-
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) data breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/globallogic-warns-10-000-employees-of-data-theft-after-oracle-breach/
-
Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff
Clop’s Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech. First seen on theregister.com Jump to article: www.theregister.com/2025/11/11/hitachiowned_globallogic_admits_data_stolen/
-
Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff
Clop’s Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech. First seen on theregister.com Jump to article: www.theregister.com/2025/11/11/hitachiowned_globallogic_admits_data_stolen/
-
Allianz UK joins growing list of Clop’s Oracle E-Business Suite victims
Insurance giant’s UK arm says cybercriminals misattributed the real victim First seen on theregister.com Jump to article: www.theregister.com/2025/11/10/allianz_uk_joins_growing_list/
-
Balancer hack analysis and guidance for the DeFi ecosystem
Tags: access, attack, blockchain, control, crypto, exploit, finance, flaw, guide, intelligence, monitoring, oracle, radius, risk, software, strategy, threat, tool, update, vulnerabilityTL;DR The root cause of the hack was a rounding direction issue that had been present in the code for many years. When the bug was first introduced, the threat landscape of the blockchain ecosystem was significantly different, and arithmetic issues in particular were not widely considered likely vectors for exploitation. As low-hanging attack paths…
-
Washington Post confirms data breach linked to Oracle hacks
The Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/07/washington-post-confirms-data-breach-linked-to-oracle-hacks/
-
Clop Ransomware Group Exploits New 0-Day Vulnerabilities in Active Attacks
The Clop ransomware group continues to pose a significant threat to enterprise organizations worldwide, with recent analysis revealing their exploitation of a critical zero-day vulnerability in Oracle E-Business Suite. Operating since early 2019, Clop has established itself as one of the most prolific and sophisticated ransomware gangs, amassing a victim count exceeding 1,025 organizations and…
-
Clop Ransomware Group Exploits New 0-Day Vulnerabilities in Active Attacks
The Clop ransomware group continues to pose a significant threat to enterprise organizations worldwide, with recent analysis revealing their exploitation of a critical zero-day vulnerability in Oracle E-Business Suite. Operating since early 2019, Clop has established itself as one of the most prolific and sophisticated ransomware gangs, amassing a victim count exceeding 1,025 organizations and…
-
Is Unsupported OpenJDK for Universities Good Enough?
Tags: oracleInstitutions wondering whether to pay Oracle must decide whether unsupported OpenJDK for universities is good enough. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/is-unsupported-openjdk-for-universities-good-enough/
-
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog
Tags: apple, cisa, cybersecurity, exploit, flaw, infrastructure, kev, oracle, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities (KEV) catalog. Dassault Systèmes DELMIA Apriso is a Manufacturing Operations Management (MOM) and Manufacturing Execution System (MES) platform.…
-
Oracle EBS Attack Victims May Be More Numerous Than Expected
Numerous organizations have been attacked via Oracle EBS zero-day CVE-2025-61882, and evidence suggests more like Schneider Electric could be on that list. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/oracle-ebs-attack-victims-more-numerous-expected
-
Palo Alto Networks Bets Big on Agentic AI
CEO Nikesh Arora: Next-Generation Security Play Ties Automation to Identity, Cloud. With new products set to launch, Palo Alto Networks is expanding its AI cybersecurity footprint. Chairman and CEO Nikesh Arora introduced the AgentiX platform, a retooled cloud approach, identity enhancements and a deal making Palo Alto the core security provider for Oracle Cloud. First…
-
Palo Alto Adds Agentic AI to Supercharge Security Automation
CEO Nikesh Arora: Next-Generation Security Play Ties Automation to Identity, Cloud. With new products set to launch, Palo Alto Networks is expanding its AI cybersecurity footprint. Chairman and CEO Nikesh Arora introduced the AgentiX platform, a retooled cloud approach, identity enhancements and a deal making Palo Alto the core security provider for Oracle Cloud. First…
-
Schneider Electric Opfer der Oracle E-Business Suite 0-day Schwachstelle CVE-2025-61882
Nutzer der Oracle Oracle E-Business Suite (EBS) werden seit Juli 2025 über eine erst am 4. Oktober 2025 gepatchte 0-day-Schwachstelle CVE-2025-61882 erfolgreich angegriffen. Inzwischen werden die Namen von Opfern bekannt. So ist Schneider Electric Opfer der Clop-Ransomware-Gruppe geworden, die die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/24/oracle-e-business-suite-0-day-schwachstelle-cve-2025-61882/
-
Oracle Patchday Oktober 2025 – Leicht ausnutzbare Sicherheitslücken bei Oracle
Tags: oracleFirst seen on security-insider.de Jump to article: www.security-insider.de/oracle-patchday-oktober-2025-sicherheitsupdates-a-2bf5352891eaadfdea1f73384dde639a/
-
Oracle October 2025 Critical Patch Update Addresses 170 CVEs
Oracle addresses 170 CVEs in its final quarterly update of 2025 with 374 patches, including 40 critical updates. Background On October 21, Oracle released its Critical Patch Update (CPU) for October 2025, the fourth and final quarterly update of the year. This CPU contains fixes for 170 unique CVEs in 374 security updates across 29…
-
Oracle E-Business Suite Vulnerability Exploited In Ransomware Attacks
Tags: attack, business, cisa, cybersecurity, exploit, infrastructure, oracle, ransomware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that a vulnerability impacting Oracle E-Business Suite customers has seen exploitation in ransomware attacks. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-oracle-e-business-suite-vulnerability-exploited-in-ransomware-attacks
-
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-confirms-hackers-exploited-oracle-e-business-suite-ssrf-flaw/