SecurityWeek

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks. More information has come to light on the recently patched Oracle E-Business Suite (EBS) zero-day, ...
theregister

Clop raid on Oracle E-Business Suite started months ago, researchers warn

Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the exploit code's out there for anyone to grab. Oracle's EBS ...
scmp.com

HungryPanda watching China’s food price wars but says its customers ‘less price sensitive’

Corrects the surname of company's public affairs director to Lu HungryPanda, the overseas food delivery platform specialising in Chinese and Asian food, is closely watching the price wars in China ...
Infosecurity-magazine.com

NCSC: Patch Critical Oracle EBS Bug Now

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the notorious Clop ransomware group has exploited the bug in attacks as a ...
techzine

Oracle patches actively exploited zero-day vulnerability in E-Business Suite

Oracle has patched a critical vulnerability in E-Business Suite that was actively exploited in data theft attacks by the Clop group. This is a zero-day vulnerability, registered as CVE-2025-61882, ...
TechCrunch

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle has fixed a zero-day vulnerability in one of its flagship business software products that a hacking group is currently abusing to steal personal information about corporate executives. In a ...
CSOonline

Oracle issues emergency patch for zero-day flaw exploited by Cl0p ransomware gang

It’s the bad news that many customers of Oracle E-Business Suite (EBS) have been dreading: reports of ransomware attacks targeting the software have turned out to be connected to a serious zero-day ...
TechRadar

Oracle forced to rush out patch for zero-day exploited in attacks

Oracle patched a critical zero-day RCE flaw in E-Business Suite, actively exploited by ransomware actors Attackers used compromised email accounts to extort victims; FIN11 and Cl0p may be involved CVE ...
Becker's Hospital Review

Hospitals scramble to fix major Oracle vulnerability

The American Hospital Association and FBI are urging hospitals and health systems that are Oracle customers to “immediately” fix a security flaw that cybercriminals are likely already leveraging to ...
SecurityWeek

Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks

Oracle has informed customers that it has patched a critical remote code execution vulnerability tracked as CVE-2025-61882. The recent data theft and extortion campaign targeting Oracle E-Business ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...