Tag: oracle
-
Sicherheitsprobleme: AI-Browser; Oracle 0-day; GoAnywhere; Ivanti; 7-Zip etc.
Warnung vor der Verwendung von AI-Browsern, die konzeptionelle Sicherheitsprobleme für Anwender mit sich bringen. Nutzer der Oracle Oracle E-Business Suite (EBS) werden seit Juli 2025 über eine erst am 4. Oktober 2025 gepatchte 0-day-Schwachstelle CVE-2025-61882 erfolgreich angegriffen. Eine GoAnywhere-Schwachstelle wird … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/14/sicherheitsluecken-7-zip/
-
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracles-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/
-
CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE
TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution (RCE) vulnerability in the Concurrent Processing / BI Publisher Integration component of Oracle E-Business Suite (EBS) versions 12.2.3 through 12.2.14. Multiple threat actors (most prominently Cl0p and related groups) are already exploiting it in the wild……
-
Harvard University hit in Oracle EBS cyberattack, 1.3 TB of data leaked by Cl0p group
Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business Suite campaign after the Cl0p ransomware group listed it on its leak site. The cybercrime group claimed to have leaked 1.3 TB of data allegedly…
-
Harvard hit in Oracle EBS cyberattack, 1.3 TB of data leaked by Cl0p group
Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business Suite campaign after the Cl0p ransomware group listed it on its leak site. The cybercrime group claimed to have leaked 1.3 TB of data allegedly…
-
Oracle rushes out another emergency E-Business Suite patch as Clop fallout widens
Latest in a long line of EBS flaws leta miscreants remotely compromise enterprise systems to pinch sensitive data First seen on theregister.com Jump to article: www.theregister.com/2025/10/14/oracle_rushes_out_another_emergency/
-
Oracle rushes out another emergency E-Business Suite patch as Clop fallout widens
Latest in a long line of EBS flaws leta miscreants remotely compromise enterprise systems to pinch sensitive data First seen on theregister.com Jump to article: www.theregister.com/2025/10/14/oracle_rushes_out_another_emergency/
-
Sicherheitslücke: Weiterer Notfall-Patch für Oracle E-Business Suite
Angreifer können aus der Ferne und ohne Interaktion mit Nutzern auf vertrauliche Daten zugreifen. Oracle verteilt bereits ein Update. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-weiterer-notfall-patch-fuer-oracle-e-business-suite-2510-201153.html
-
Sicherheitslücke: Weiterer Notfall-Patch für Oracle E-Business Suite
Angreifer können aus der Ferne und ohne Interaktion mit Nutzern auf vertrauliche Daten zugreifen. Oracle verteilt bereits ein Update. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-weiterer-notfall-patch-fuer-oracle-e-business-suite-2510-201153.html
-
Oracle issues second emergency patch for E-Business Suite in two weeks
Tags: attack, business, cve, cybersecurity, data, exploit, google, governance, group, identity, infrastructure, intelligence, kev, least-privilege, malicious, mandiant, monitoring, network, oracle, strategy, threat, update, vulnerability, zero-trustImmediate actions for CVE-2025-61884: Oracle has provided patches for CVE-2025-61884 for all affected versions covered under Premier Support or Extended Support. However, security experts warned that patching alone may not be sufficient. The lessons from the recent CVE-2025-61882 attacks show that organizations need to hunt for signs of prior compromise even after applying fixes.In a…
-
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS Score of 7.5), in E-Business Suite’s Runtime UI component (versions 12.2.312.2.14). >>Oracle has just released Security Alert CVE-2025-61884. This vulnerability affects some deployments of Oracle E-Business…
-
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS Score of 7.5), in E-Business Suite’s Runtime UI component (versions 12.2.312.2.14). >>Oracle has just released Security Alert CVE-2025-61884. This vulnerability affects some deployments of Oracle E-Business…
-
Critical Oracle EBS Flaw Could Expose Sensitive Data
Oracle patches a high-severity EBS flaw that could let attackers bypass authentication and access sensitive enterprise data. The post Critical Oracle EBS Flaw Could Expose Sensitive Data appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-ebs-vulnerability/
-
Critical Oracle EBS Flaw Could Expose Sensitive Data
Oracle patches a high-severity EBS flaw that could let attackers bypass authentication and access sensitive enterprise data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/oracle-ebs-vulnerability/
-
Harvard says ‘limited number of parties’ impacted by breach linked to Oracle zero-day
Harvard University said a recent incident that is impacting Oracle E-Business Suite customers impacted a “limited number of parties associated with a small administrative unit.” First seen on therecord.media Jump to article: therecord.media/harvard-says-limited-number-linked-to-data-theft
-
Cloudflare und Oracle bündeln Kräfte: Schnellere, sicherere Anwendungen und KI-Workloads in der Cloud
Cloudflare betreibt eines der größten und am besten vernetzten globalen Netzwerke der Welt. Über die Connectivity Cloud-Plattform profitieren Unternehmen von Start-ups bis Behörden First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-und-oracle-buendeln-kraefte-schnellere-sicherere-anwendungen-und-ki-workloads-in-der-cloud/a42343/
-
Cloudflare und Oracle bündeln Kräfte: Schnellere, sicherere Anwendungen und KI-Workloads in der Cloud
Cloudflare betreibt eines der größten und am besten vernetzten globalen Netzwerke der Welt. Über die Connectivity Cloud-Plattform profitieren Unternehmen von Start-ups bis Behörden First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-und-oracle-buendeln-kraefte-schnellere-sicherere-anwendungen-und-ki-workloads-in-der-cloud/a42343/
-
Cloudflare und Oracle bündeln Kräfte: Schnellere, sicherere Anwendungen und KI-Workloads in der Cloud
Cloudflare betreibt eines der größten und am besten vernetzten globalen Netzwerke der Welt. Über die Connectivity Cloud-Plattform profitieren Unternehmen von Start-ups bis Behörden First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-und-oracle-buendeln-kraefte-schnellere-sicherere-anwendungen-und-ki-workloads-in-der-cloud/a42343/
-
Oracle releases emergency patch for new E-Business Suite flaw
Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-releases-emergency-patch-for-new-e-business-suite-flaw/
-
Oracle Warns of New EBS Vulnerability That Allows Remote Access
Oracle issued another security alert about a vulnerability in its E-Business Suite that could be remotely exploited by bad actors without the need for a username or password, similar to other flaws found in the software packages abused in recent months by the Cl0p ransomware group. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/oracle-warns-of-new-ebs-vulnerability-that-allows-remote-access/
-
Oracle Warns of New EBS Vulnerability That Allows Remote Access
Oracle issued another security alert about a vulnerability in its E-Business Suite that could be remotely exploited by bad actors without the need for a username or password, similar to other flaws found in the software packages abused in recent months by the Cl0p ransomware group. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/oracle-warns-of-new-ebs-vulnerability-that-allows-remote-access/
-
Harvard investigating breach linked to Oracle zero-day exploit
Tags: breach, business, data, data-breach, exploit, leak, oracle, ransomware, vulnerability, zero-dayHarvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/
-
Harvard investigating breach linked to Oracle zero-day exploit
Tags: breach, business, data, data-breach, exploit, leak, oracle, ransomware, vulnerability, zero-dayHarvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…
-
What to look for in a data protection platform for hybrid clouds
Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trusthybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
-
What to look for in a data protection platform for hybrid clouds
Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trusthybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
-
What to look for in a data protection platform for hybrid clouds
Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trusthybrid cloud data protection buyer’s guide today!] In this buyer’s guide Data protection for hybrid clouds explainedWhy hybrid clouds need data protectionWhat to look for in a data protection platform for hybrid cloudsMajor trends in data protection for hybrid cloudsLeading vendors for data protection of hybrid cloudsWhat to ask before buying data protection for hybrid…
-
Oracle E-Business Suite Flaw Enables Remote Code Execution and Data Theft
Tags: business, cvss, cyber, data, flaw, oracle, remote-code-execution, software, theft, vulnerabilityOracle has issued a critical security alert for a severe vulnerability in its E-Business Suite platform that could allow attackers to execute remote code and steal sensitive data without requiring authentication. The flaw, identified asCVE-2025-61884, affects multiple versions of the widely used enterprise software and has been assigned a CVSS score of 7.5, indicating high…