CPO Magazine

Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability

Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day ...
SecurityWeek

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability

CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.
Hosted on MSN

Clop raid on Oracle E-Business Suite started months ago, researchers warn

Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the exploit code's out there for anyone to grab.… According to new ...
CRN

Oracle: Unpatched Vulnerabilities Behind E-Business Data Extortion Attacks

Following reports that the cybercriminal group Clop has been extorting E-Business Suite customers, Oracle linked the campaign to vulnerabilities addressed in July. The data extortion campaign ...
Bleeping Computer

Clop exploited Oracle zero-day for data theft since early August

The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike.
The Register on MSN

American Airlines subsidiary Envoy caught in Clop's Oracle EBS raid

Not a good week for Big Red Envoy Air, an American Airlines subsidiary, has confirmed that it was among the dozens of organizations compromised via Oracle E-Business Suite (EBS) security flaws, ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...