Tag: oracle
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers to execute arbitrary code on affected systems. The vulnerability carries a CVSS v3.1 base score of 9.8, making it one of the most critical threats to the…
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), >>to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
Clop crew hits Oracle E-Business Suite users with fresh zero-day
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion First seen on theregister.com Jump to article: www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/
-
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks.The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise…
-
PoC Released for Remotely Exploitable Oracle E-Business Suite 0-Day
Tags: business, cyber, cybersecurity, detection, hacker, oracle, remote-code-execution, threat, vulnerability, zero-dayOracle has issued an urgent security alert for a critical zero-day vulnerability affecting Oracle E-Business Suite that allows remote code execution without authentication. The vulnerability, tracked as CVE-2025-61882, has now received public proof-of-concept detection capabilities from cybersecurity researcher rxerium. Illustration showing a hacker and icons representing cyber threats with a caption about the $10.5 trillion economic…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
Tags: advisory, attack, breach, business, cve, cyber, data, email, exploit, extortion, finance, flaw, group, intelligence, mitigation, mobile, oracle, ransomware, remote-code-execution, software, threat, update, vulnerability, zero-dayFollowing reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed Oracle zero-day vulnerability that was exploited in the…
-
Oracle patches EBS zero-day exploited in Clop data theft attacks
Tags: attack, business, data, exploit, flaw, oracle, remote-code-execution, theft, vulnerability, zero-dayOracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/
-
Cybervorfälle: Asahi, Bonify, Renault Dacia, Oracle, Salesforce
Ich fasse mal einige neue Informationen über Ransomware-Infektionen, Datenlecks bzw. solche Vorfälle zusammen. Der Cyberangriff auf den japanischen Bierbrauer Asahi war Ransomware. Dann sind Daten bei Bonify, Dacia und Renault abgeflossen. Oracle hatte die Clop-Ransomware in den Systemen und eine … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/05/cybervorfaelle-asahi-bonify-renault-dacia-oracle-salesforce/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/
-
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs First seen on theregister.com Jump to article: www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/
-
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. First seen on hackread.com Jump to article: hackread.com/cl0p-extort-oracle-e-business-customers/
-
Hackers Target Unpatched Flaws in Oracle E-Business Suite
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-flaws-oracle-ebs/
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…
-
Oracle Confirms Hackers Target E-Business Suite Data in Extortion Campaigns
Oracle has confirmed that a group of hackers stole data from its E-Business Suite (EBS) applications and is using the information in extortion campaigns. The company warns that these attackers exploited vulnerabilities already fixed in the July 2025 Critical Patch Update (CPU). Oracle strongly urges all customers to apply the latest CPU immediately to defend…
-
Google warns of Cl0p extortion campaign against Oracle E-Business users
Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a suspected Cl0p ransomware group’s activity, where threat actors attempt to extort executives with claims of stealing Oracle E-Business Suite data. >>A group of hackers claimed to…
-
Google warns of Cl0p extortion campaign against Oracle E-Business users
Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data. Google Mandiant and Google Threat Intelligence Group (GTIG) researchers are tracking a suspected Cl0p ransomware group’s activity, where threat actors attempt to extort executives with claims of stealing Oracle E-Business Suite data. >>A group of hackers claimed to…
-
Cl0p-linked threat actors target Oracle E-Business Suite in extortion campaign
Execs: Don’t ‘engage rashly’: There are no common vulnerabilities and exposures (CVEs) for this attack; the issue “stems from configuration and default business logic abuse rather than a specific vulnerability,” according to Halcyon.The firm advises organizations to check if EBS portals are publicly accessible (via /OA_HTML/AppsLocalLogin.jsp#) and if so, immediately restrict exposure. It is also…
-
Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group
After breaching the security of Oracle’s E-Business Suite, a well-known group of hackers is actively trying to extort execs for millions of dollars. The post Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-e-business-suite-breach-ransom-extortion-clop/
-
Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group
After breaching the security of Oracle’s E-Business Suite, a well-known group of hackers is actively trying to extort execs for millions of dollars. The post Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-e-business-suite-breach-ransom-extortion-clop/
-
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment. First seen on cyberscoop.com Jump to article: cyberscoop.com/extortion-email-clop-oracle-customers/
-
Cybercriminals are trying to extort executives with data allegedly stolen through Oracle tool
Incident responders at Google are warning about an extortion campaign, possibly connected to the Clop gang, that targets executives with data that cybercriminals claim was stolen via an Oracle tool. First seen on therecord.media Jump to article: therecord.media/possible-clop-campaign-extortion-executives-stolen-data
-
Hackers claiming ties to Clop launch wide extortion campaign targeting corporate executives
The email-based campaign purports to have sensitive data from breached Oracle E-Business Suite applications.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-clop-extortion-campaign-executives/801808/
-
Hackers are sending extortion emails to executives after claiming Oracle apps’ data breach
Google says hackers associated with the Clop ransomware gang are emailing executives at multiple organizations claiming to have stolen their personal information from a suite of Oracle E-Business apps. First seen on techcrunch.com Jump to article: techcrunch.com/2025/10/02/hackers-are-sending-extortion-emails-to-executives-after-claiming-oracle-apps-data-breach/