Topic: clop ransomware
-
Google: Clop Hackers Stole Major Data in Oracle Breach
The Clop ransomware group breached Oracle's E-Business Suite starting around August 9, exploiting a zero-day vulnerability (CVE-2025-61882) to steal corporate data before patches were available. Victims received extortion emails from Clop affiliates demanding payment to prevent public data releas...
Read More » -
Clop Hackers Stole Data Using Oracle Zero-Day Since August
The Clop ransomware group exploited a critical zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite, enabling remote code execution and leading to widespread data theft and extortion attempts. Security researchers and analysts confirmed the vulnerability allows unauthenticated att...
Read More » -
Oracle Ties Clop Ransomware to Critical July 2025 Flaws
Oracle has linked extortion emails from the Clop ransomware group to critical vulnerabilities in its E-Business Suite, which were patched in July 2025, urging customers to apply updates immediately. The attackers claim to have stolen sensitive data from Oracle systems and are threatening to relea...
Read More » -
Oracle Fixes Zero-Day Exploited in Clop Ransomware Attacks
Oracle has issued an urgent alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite, allowing unauthenticated remote code execution and actively exploited by the Clop ransomware group for data theft. The vulnerability affects versions 12.2.3 to 12.2.14, with Oracle re...
Read More » -
Hackers Exploit Critical Oracle Flaw, CISA Confirms
CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and mandating federal agencies to patch by November 10, 2025. The vulnerability is an unauthenticated server-side request forgery (SSRF) ...
Read More » -
Oracle Quietly Patches Critical Zero-Day Exposed by Hackers
Oracle urgently patched a critical pre-authentication SSRF vulnerability (CVE-2025-61884) in its E-Business Suite after the ShinyHunters group leaked a working exploit, enabling unauthorized access without login credentials. Two separate threat actors, Clop and ShinyHunters, exploited distinct Or...
Read More » -
Fortra Issues Critical Alert for GoAnywhere MFT Vulnerability
Fortra has issued an urgent alert for a critical vulnerability (CVE-2025-10035) in GoAnywhere MFT software, allowing remote command injection due to unsafe data deserialization. The vulnerability can be exploited without user interaction, particularly affecting internet-exposed Admin Consoles, an...
Read More » -
UK arrests teens behind 'Scattered Spider' Transport for London hack
Two British teenagers, Owen Flowers and Thalha Jubair, have been arrested for a major cyberattack on Transport for London in August 2024, with both linked to the Scattered Spider hacking group. The attack caused significant disruption and financial losses to TfL, compromising personal data and in...
Read More »
