Bleeping Computer

Oracle links Clop extortion attacks to July 2025 vulnerabilities

Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. While the company has yet to attribute the ...
CRN

Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch

The disclosure follows reports that the cybercriminal group Clop has been extorting a significant number of E-Business Suite customers. Oracle is now linking a widespread data extortion campaign ...
Dark Reading

Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw

A prolific ransomware gang is targeting Oracle customers affected by a recent zero-day vulnerability. That zero-day is CVE-2025-61882, a critical flaw in Oracle E-Business Suite that enables an ...
Bleeping Computer

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files.
CRN

CISA: Oracle E-Business Suite Vulnerability Exploited In Ransomware Attacks

Oracle had initially disclosed the vulnerability earlier this month, though without providing any details about exploitation. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ...