Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Clop Hits Oracle E-Business Suite Users with Fresh Zero-Day

Oracle patched a critical vulnerability in E-Business Suite exploited by Clop ransomware gang to steal data; the flaw has a CVSS score of 9.8 and enables remote code execution.

  • On October 4, Oracle rushed an emergency patch for a zero-day in Oracle E-Business Suite versions 12.2.3 through 12.2.14, following active exploitation by Clop.
  • CVE-2025-61882 is a critical vulnerability with CVSS 3.1 base score 9.8 that enables unauthenticated remote code execution targeting Oracle Concurrent Processing product via HTTP.
  • Leaked on Telegram, the exploit archive file containing exp.py and server.py automates attacks, while Oracle published indicators of compromise listing IPs, files, and commands to aid detection.
  • The Clop extortion gang has been sending extortion emails since last Monday claiming stolen EBS files, while Oracle and security firms advise customers to patch immediately and assume compromise.
  • Mandiant warns that broad mass exploitation has occurred and 'n-day' exploitation may continue, while Clop told BleepingComputer, `Soon all will become obvious that Oracle bugged up their core product and once again, the task is on clop to save the day.
Insights by Ground AI
Podcasts & Opinions

13 Articles

TechCrunchTechCrunch
Center

Clop hackers caught exploiting Oracle zero-day bug to steal executives' personal data

Oracle fixes another security flaw that Clop hackers were using to steal sensitive personal information about executives as part of a mass-extortion campaign.

·United States
Read Full Article
Tech RadarTech Radar
Center

Oracle forced to rush out patch for zero-day exploited in attacks

A zero-day in Oracle E-Business Suite is being exploited in the wild to steal files from US corporations.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

Clop hits Oracle E-Business Suite users with fresh zero-day

: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion

Read Full Article
BleepingComputerBleepingComputer
Reposted by
unsafe.shunsafe.sh
Center

Oracle patches EBS zero-day exploited in Clop data theft attacks

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks.

Read Full Article
Techzine EuropeTechzine Europe

Oracle patches actively exploited zero-day vulnerability in E-Business Suite

Oracle has patched a critical vulnerability in the E-Business Suite that was actively exploited in data theft attacks by the Clop group.

Read Full Article
The Hacker NewsThe Hacker News

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these highlights help you spot what’s coming

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Heise broke the news in Germany on Sunday, October 5, 2025.
Sources are mostly out of (0)

Similar News Topics

Oracle icon

Oracle

Software icon

Software

Cyber Security icon

Cyber Security

News
For You
SearchBlindspotLocal