SecurityWeek

Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack

Hackers have posted over 1 Tb of information allegedly stolen from Harvard on the Cl0p data leak website. Harvard University is the first confirmed victim of the recent cybercrime campaign targeting ...
Bleeping Computer

Oracle releases emergency patch for new E-Business Suite flaw

Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. Tracked as ...
Infosecurity-magazine.com

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

The Clop ransomware group likely began targeting Oracle E-Business Suite (EBS) instances as early as August 9, successfully exfiltrating a “significant amount” of data new insights from Google Threat ...
cybernews

Cl0p found exploiting Oracle EBS zero-day months before critical patch release

Google threat researchers have revealed that the Cl0p ransom gang, which is said to have compromised hundreds of companies in a zero-day spree targeting Oracle E Business Suite (EBS), likely began its ...
The Hacker News

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group ...
SecurityWeek

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks. More information has come to light on the recently patched Oracle E-Business Suite (EBS) zero-day, ...
theregister

Clop raid on Oracle E-Business Suite started months ago, researchers warn

Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the exploit code's out there for anyone to grab. Oracle's EBS ...
Infosecurity-magazine.com

NCSC: Patch Critical Oracle EBS Bug Now

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the notorious Clop ransomware group has exploited the bug in attacks as a ...
The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider ...
cybernews

Cyber authorities ring alarm bell over actively exploited Oracle E-Business Suite bug

Cybersecurity authorities are urging organizations to patch a critical zero-day bug in Oracle’s E-Business Suite (EBS) that’s already being actively exploited. The flaw enables unauthenticated ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...
theregister

Oracle tells Clop-targeted EBS users to apply July patch, problem solved

Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems. The database giant posted an ...