CRN

Oracle: Unpatched Vulnerabilities Behind E-Business Data Extortion Attacks

Following reports that the cybercriminal group Clop has been extorting E-Business Suite customers, Oracle linked the campaign to vulnerabilities addressed in July. The data extortion campaign ...
CRN

CISA: Oracle E-Business Suite Vulnerability Exploited In Ransomware Attacks

Oracle had initially disclosed the vulnerability earlier this month, though without providing any details about exploitation. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ...
Computer Weekly

Oracle patches E-Business suite targeted by Cl0p ransomware

Oracle has issued a fix for a critical remote code execution (RCE) vulnerability in its E-Business Suite (EBS), as the well-used enterprise resource planning (ERP) software package emerges as the ...
Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
Dark Reading

Oracle EBS Attack Victims May Be More Numerous Than Expected

The list of enterprises targeted by recent Oracle EBS attacks may also include Schneider Electric, Pan American Steel, and Cox Enterprises. Earlier this month, the infamous ransomware-as-a-service ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...