CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to ...
SecurityWeek

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability

CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.
CPO Magazine

Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability

Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day ...
Infosecurity-magazine.com

NCSC: Patch Critical Oracle EBS Bug Now

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the notorious Clop ransomware group has exploited the bug in attacks as a ...
CSOonline

Oracle issues emergency patch for zero-day flaw exploited by Cl0p ransomware gang

It’s the bad news that many customers of Oracle E-Business Suite (EBS) have been dreading: reports of ransomware attacks targeting the software have turned out to be connected to a serious zero-day ...
TechRadar

Oracle forced to rush out patch for zero-day exploited in attacks

Oracle patched a critical zero-day RCE flaw in E-Business Suite, actively exploited by ransomware actors Attackers used compromised email accounts to extort victims; FIN11 and Cl0p may be involved CVE ...
TechCrunch

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle has fixed a zero-day vulnerability in one of its flagship business software products that a hacking group is currently abusing to steal personal information about corporate executives. In a ...
CRN

Oracle: Unpatched Vulnerabilities Behind E-Business Data Extortion Attacks

Following reports that the cybercriminal group Clop has been extorting E-Business Suite customers, Oracle linked the campaign to vulnerabilities addressed in July. The data extortion campaign ...
TechSpot

Oracle and Google warn of large-scale extortion emails hitting enterprise clients

A hot potato: Oracle has confirmed that customers using its E-Business Suite have received extortion emails, marking an escalation in a hacking campaign first reported by Google earlier in the week.
TechCrunch

‘Dozens’ of organizations had data stolen in Oracle-linked hacks

Security researchers at Google say hackers targeting corporate executives with extortion emails have stolen data from “dozens of organizations,” one of the first signs that the hacking campaign may be ...
Hosted on MSN

American Airlines subsidiary Envoy caught in Clop's Oracle EBS raid

Envoy Air, an American Airlines subsidiary, has confirmed that it was among the dozens of organizations compromised via Oracle E-Business Suite (EBS) security flaws, following claims by Clop ...
Hosted on MSN

Oracle tells Clop-targeted EBS users to apply July patch, problem solved

Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.… The database giant posted an ...