The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider ...
SecurityWeek

Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks

Google Threat Intelligence Group (GTIG) and Mandiant have continued to analyze the recent Oracle E-Business Suite (EBS) extortion campaign and their researchers have identified some of the pieces of ...
Security Boulevard

CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE

TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution (RCE) vulnerability in the Concurrent ...
SecurityWeek

Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data

It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild. Oracle over the weekend announced the availability of a patch ...