Topic: oracle ebs
-
GlobalLogic Alerts 10,000 Staff to Data Theft After Oracle Hack
GlobalLogic notified over 10,000 current and former employees of a data breach after attackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising sensitive HR data. The breach, attributed to the Clop ransomware group, involved the theft of extensive personal and financi...
Read More » -
Urgent: Hackers Exploit Unpatched Oracle EBS Vulnerabilities
Oracle has confirmed active exploitation of unpatched vulnerabilities in its E-Business Suite, with hackers sending extortion emails claiming to have stolen sensitive corporate data. The vulnerabilities were resolved in the July 2025 Critical Patch Update, which addressed nine EBS flaws, includin...
Read More » -
Hackers Exploit Critical Oracle Flaw, CISA Confirms
CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and mandating federal agencies to patch by November 10, 2025. The vulnerability is an unauthenticated server-side request forgery (SSRF) ...
Read More » -
Oracle Issues Urgent Patch for Critical E-Business Suite Flaw
Oracle has released an urgent security patch for a critical vulnerability (CVE-2025-61884) in its E-Business Suite, which can be exploited remotely without authentication to access confidential information. The vulnerability, with a CVSS score of 7.5, affects EBS versions 12.2.3 to 12.2.14, and O...
Read More » -
Cl0p Gang Hits Oracle in Major Data Theft Campaign
The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...
Read More » -
University of Pennsylvania Discloses New Data Breach Following Oracle Hack
The University of Pennsylvania suffered a data breach after attackers exploited a zero-day flaw in Oracle's financial software, compromising personal information and linking the incident to the Clop ransomware gang's extortion campaign. While the university officially notified 1,488 affected indi...
Read More » -
GlobalLogic Hit by Cl0p Ransomware Following Oracle EBS Breach
GlobalLogic, a Hitachi-owned software firm, notified 10,471 current and former employees that their personal and financial data was stolen due to a breach in its Oracle E-Business Suite platform. The breach exploited a zero-day vulnerability in Oracle's system, leading to data exfiltration on Oct...
Read More » -
Google: Clop Hackers Stole Major Data in Oracle Breach
The Clop ransomware group breached Oracle's E-Business Suite starting around August 9, exploiting a zero-day vulnerability (CVE-2025-61882) to steal corporate data before patches were available. Victims received extortion emails from Clop affiliates demanding payment to prevent public data releas...
Read More » -
Clop Hackers Stole Data Using Oracle Zero-Day Since August
The Clop ransomware group exploited a critical zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite, enabling remote code execution and leading to widespread data theft and extortion attempts. Security researchers and analysts confirmed the vulnerability allows unauthenticated att...
Read More » -
Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)
A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...
Read More » -
Clop Ransomware Group Claims Oracle Data Theft in New Extortion Emails
A sophisticated extortion campaign is targeting corporate executives with emails alleging data theft from Oracle E-Business Suite systems, tracked by security firms Mandiant and Google. Attackers, potentially linked to the Clop ransomware group and historically connected to FIN11, demand payment ...
Read More » -
Oracle Customers Warned of E-Business Suite Data Breach
Businesses using Oracle's E-Business Suite are receiving threatening emails from attackers claiming to have stolen data and demanding millions in ransoms, though these breach claims remain unverified. The campaign originated from compromised email accounts, with security experts noting possible l...
Read More » -
Dartmouth College Hit by Clop Ransomware Data Breach
Dartmouth College experienced a data breach by the Clop ransomware group, which exploited a zero-day vulnerability in Oracle E-Business Suite to steal personal data, including names and Social Security numbers. The breach affected at least 1,494 individuals, with financial account details also co...
Read More » -
Harvard Probes Data Breach from Oracle Zero-Day Flaw
Harvard University is investigating a potential data breach after the Clop ransomware group listed it on its leak portal, likely due to a zero-day vulnerability in Oracle's E-Business Suite servers. The university confirmed the issue is widespread among Oracle clients, applied the security patch ...
Read More » -
Washington Post Data Breach Hits 10,000 Employees, Contractors
A data breach at The Washington Post exposed personal and financial data of nearly 10,000 employees and contractors, exploiting a zero-day vulnerability in the Oracle E-Business Suite software. The attack, linked to the Clop ransomware gang, involved unauthorized network access from July to Augus...
Read More »