The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider ...
SecurityWeek

Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks

Google Threat Intelligence Group (GTIG) and Mandiant have continued to analyze the recent Oracle E-Business Suite (EBS) extortion campaign and their researchers have identified some of the pieces of ...
SecurityWeek

Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data

It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild. Oracle over the weekend announced the availability of a patch ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...