Topic: oracle ebs
-
Urgent: Hackers Exploit Unpatched Oracle EBS Vulnerabilities
Oracle has confirmed active exploitation of unpatched vulnerabilities in its E-Business Suite, with hackers sending extortion emails claiming to have stolen sensitive corporate data. The vulnerabilities were resolved in the July 2025 Critical Patch Update, which addressed nine EBS flaws, includin...
Read More » -
Hackers Exploit Critical Oracle Flaw, CISA Confirms
CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and mandating federal agencies to patch by November 10, 2025. The vulnerability is an unauthenticated server-side request forgery (SSRF) ...
Read More » -
Oracle Issues Urgent Patch for Critical E-Business Suite Flaw
Oracle has released an urgent security patch for a critical vulnerability (CVE-2025-61884) in its E-Business Suite, which can be exploited remotely without authentication to access confidential information. The vulnerability, with a CVSS score of 7.5, affects EBS versions 12.2.3 to 12.2.14, and O...
Read More » -
Cl0p Gang Hits Oracle in Major Data Theft Campaign
The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...
Read More » -
Google: Clop Hackers Stole Major Data in Oracle Breach
The Clop ransomware group breached Oracle's E-Business Suite starting around August 9, exploiting a zero-day vulnerability (CVE-2025-61882) to steal corporate data before patches were available. Victims received extortion emails from Clop affiliates demanding payment to prevent public data releas...
Read More » -
Clop Hackers Stole Data Using Oracle Zero-Day Since August
The Clop ransomware group exploited a critical zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite, enabling remote code execution and leading to widespread data theft and extortion attempts. Security researchers and analysts confirmed the vulnerability allows unauthenticated att...
Read More » -
Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)
A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...
Read More » -
Clop Ransomware Group Claims Oracle Data Theft in New Extortion Emails
A sophisticated extortion campaign is targeting corporate executives with emails alleging data theft from Oracle E-Business Suite systems, tracked by security firms Mandiant and Google. Attackers, potentially linked to the Clop ransomware group and historically connected to FIN11, demand payment ...
Read More » -
Oracle Customers Warned of E-Business Suite Data Breach
Businesses using Oracle's E-Business Suite are receiving threatening emails from attackers claiming to have stolen data and demanding millions in ransoms, though these breach claims remain unverified. The campaign originated from compromised email accounts, with security experts noting possible l...
Read More » -
Harvard Probes Data Breach from Oracle Zero-Day Flaw
Harvard University is investigating a potential data breach after the Clop ransomware group listed it on its leak portal, likely due to a zero-day vulnerability in Oracle's E-Business Suite servers. The university confirmed the issue is widespread among Oracle clients, applied the security patch ...
Read More »
