SecurityWeek

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability

CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle fixes another security flaw that Clop hackers were using to steal sensitive personal information about executives as ...
CPO Magazine

Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability

Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day ...

CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to ...
CRN

Oracle: Unpatched Vulnerabilities Behind E-Business Data Extortion Attacks

Following reports that the cybercriminal group Clop has been extorting E-Business Suite customers, Oracle linked the campaign to vulnerabilities addressed in July. The data extortion campaign ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...