Oracle News Articles
Recent news articles refferecing the vendors vulnerabilities.
List of Oracle EBS Attack Victims May Be Growing Longer
Evidence suggests that Schneider Electric and others may have fallen prey to zero-day CVE-2025-61882.
2 days ago
CPO MagazineCVE-2025-61882Harvard and Envoy Airlines Breached via Oracleās E-Business Suite Zero-Day Vulnerability - CPO Magazine
Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day vulnerability CVE-2025-61882 in Oracleās E-Business Suite software.
2 days ago
BornCityCVE-2025-62641Virtualbox 7.1.12 and 7.2.2: Vulnerability CVE-2025-62641 | Born's Tech and Windows World
[German]It has just been announced that Virtualbox 7.1.12 and 7.2.2 contain the CVE-2025-62641 vulnerability. This could allow attackers to take over the host. There are also other vulnerabilities in these...
5 days ago
varindia.comCVE-2025-61882Harvard Hit in Oracle Zero-Day Ransomware Attack
Harvard University has confirmed it was breached in a ransomware attack exploiting a critical zero-day vulnerability in Oracle's E-Business Suite (EBS), tracked as CVE-2025-61882. The Clop ransomware group...
1 week ago
Techzine GlobalCVE-2025-61884CISA: Oracle vulnerability is being actively exploited
CISA forces federal organizations to install Oracle patch for actively exploited SSRF vulnerability. Oracle does not confirm exploitation.
1 week ago
US cyber agency adds 5 known exploited vulnerabilities to KEV listing
Multiple Apple products and Oracleās E-Business Suite feature in CISAās latest addition to the KEV catalogue.
1 week ago
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
CISA has confirmed that an Oracle E-Business Suite flaw tracked asĀ CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog.
1 week ago
U.S. CISA adds Oracle, Windows, Kentico,Ā Apple flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Oracle, Windows, Kentico,Ā and Apple vulnerabilities to its Known Exploited Vulnerabilities catalog.
1 week ago
CISA Confirms Exploitation of Latest Oracle EBS VulnerabilityĀ
CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.
1 week ago
The Cyber ExpressCISA Adds Microsoft, Oracle Vulnerabilities To KEV Catalog
CISA added Microsoft, Apple and Oracle vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog today. Here are the details.
1 week ago
Five New Exploited Bugs Land in CISA's Catalog ā Oracle and Microsoft Among Targets
CISA adds five exploited vulnerabilities, including Oracle, Microsoft, Kentico, and Apple flaws, requiring fixes by Nov 10, 2025.
1 week ago
Harvard says ālimited number of partiesā impacted by breach linked to Oracle zero-day
Harvard University said a recent incident that is impacting Oracle E-Business Suite customers impacted a "limited number of parties associated with a small administrative unit."
2 weeks ago
The420.inCVE-2025-61882Harvard University Confirms Data Breach Linked to Oracle Zero-Day Exploit
Harvard confirms breach tied to Oracle E-Business Suite zero-day flaw exploited by Clop ransomware. FBI urges urgent patching worldwide.
2 weeks ago
Harvard University Breached in Oracle Zero-Day Attack
The Clop ransomware group claimed responsibility for stealing the university's data as part of a broader campaign against Oracle customers.
2 weeks ago
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group.
2 weeks ago
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group.
2 weeks ago
Security AffairsCVE-2025-61884Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked asĀ CVE-2025-61884.
2 weeks ago
csoonline.comCVE-2025-61884Oracle issues second emergency patch for E-Business Suite in two weeks
Information disclosure flaw, CVE-2025-61884, emerges weeks after zero-day attacks, raising questions about broader security issues in Oracleās flagship ERP platform.
2 weeks ago
Arctic WolfCVE-2025-61884CVE-2025-61884 | Arctic Wolf
Oracle has released an emergency fix for a high-severity information disclosure vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61884
2 weeks ago
Techzine GlobalCVE-2025-61884Emergency patch for vulnerability in Oracle E-Business Suite
Oracle releases emergency patch for critical CVE-2025-61884 vulnerability in E-Business Suite that gives attackers access without authentication.
2 weeks ago
Oracle Fixes New E-Business Suite Flaw As CL0P Hits Harvard
While there is no connection to CL0Pās attacks on CVE-2025-61882, Oracle has rushed out a patch for a new E-Business Suite flaw, CVE-2025-61884.
2 weeks ago
Oracle releases emergency patch for new E-Business Suite flaw
Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers.
2 weeks ago
CVE-2025-61884: Novel Oracle E-Business SuiteĀ Vulnerability Enables Remote Theft of Sensitive Data Without Login | SOC Prime
Explore CVE-2025-61884 analysis, a new critical, easily exploitable Oracle EBS vulnerability, with the details on our SOC Prime blog.
2 weeks ago
GBHackers NewsCVE-2025-61884Oracle E-Business Suite Flaw Enables Remote Code Execution and Data Theft
Oracle has issued a critical security alert for a severe vulnerability in its E-Business Suite platform that could allow attackers to execute remote code.
2 weeks ago
el-balad.comCVE-2025-61884Oracle E-Business Suite Bug Enables Hacker Data Access Without Login
A recent security alert issued by Oracle has raised concerns over a vulnerability in its E-Business Suite. This flaw, designated as CVE-2025-61884, holds a CVSS score of 7.5, indicating a high level of severity. It impacts versions ranging from 12.2.3 to 12.2.14 of the software. Vulnerability Detail...
3 weeks ago
Cyber Security NewsCVE-2025-61884Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations.
3 weeks ago
Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data
Oracle patched another severe E-Business Suite (EBS) vulnerability that can be exploited to gain access to sensitive data.
3 weeks ago
The Hacker NewsCVE-2025-61884New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle warns of CVE-2025-61884 flaw in E-Business Suite enabling unauthorized data access.
3 weeks ago
Security Affairs newsletter Round 545 by Pierluigi Paganini ā INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box
3 weeks ago
CVE-2025-61882 in Oracle E-Business Suite: Details, Next Steps
A critical security vulnerability CVE-2025-61882 has been identified in Oracle E-Business Suite, a widely used enterprise resource planning platform. Read now.
3 weeks ago
Help Net SecurityCVE-2025-61884Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884) - Help Net Security
Oracle has revealed the existence of yet another remotely exploitable Oracle E-Business Suite vulnerability (CVE-2025-61884).
3 weeks ago
Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited - Help Net Security
Hereās an overview of some of last weekās most interesting news, articles, interviews and videos: How to get better results from bug bounty programs
3 weeks ago
The Hacker NewsCVE-2025-61882CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw
Oracle EBS zero-day CVE-2025-61882 exploited since August 2025; GTIG links campaign to Cl0p actors.
3 weeks ago
Help Net SecurityCVE-2025-61882Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) - Help Net Security
Researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances.
3 weeks ago
The HIPAA JournalCVE-2025-61882Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite
A zero-day vulnerability in Oracle E-Business Suite is under active exploitation by the Cl0p ransomware group. The vulnerability is tracked as The Cl0p ransomware group is mass exploiting a zero day vulnerability in Oracle E-Business Suite. The vulnerability has been exploited in the wild since at l...
3 weeks ago
CVE-2025-61882 Vulnerability Detection: A Critical Oracle E-Business Suite Zero-Day Exploited in Cl0p Data Theft Attacks | SOC Prime
Detect CVE-2025-61882 exploitation attempts, a critical zero-day vulnerability in Oracle EBS, using Sigma rules in the SOC Prime Platform.
3 weeks ago
Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching
The Oracle EBS zero-day CVE-2025-61882 has been exploited since at least August 9 and hundreds of instances may still be vulnerable.
3 weeks ago
Risky Business NewslettersRedis vulnerability impacts all versions released in the last 13 years
In other news: Oracle zero-day used in extortion campaign; new MSS front company discovered; DPRK hackers have stolen $2 billion this year.
3 weeks ago
Clop exploited Oracle zero-day for data theft since early August
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike.
3 weeks ago
The StackCVE-2025-61882Oracle pushes emergency patch for exploited 0day
Oracle pushed a patch for a new bug in its E-Business Suite discovered on Saturday allowing attackers to access a key unit without a password.
3 weeks ago
Cyber PressCVE-2025-61882Cl0p Ransomware Exploiting Oracle E-Business Suite 0-Day in Active Attacks
The zero-day affects Oracle E-Business Suite versions 12.2.3 through 12.2.14, which are widely deployed among enterprises for order management
3 weeks ago
Security AffairsCVE-2025-61882CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
CrowdStrike links Oracle EBS flaw CVE-2025-61882 (CVSS 9.8) to Cl0p, enabling unauthenticated RCE, first exploited on August 9, 2025.
3 weeks ago
The Hacker NewsCVE-2025-61882Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, 2025.
3 weeks ago
CyberScoopCVE-2025-61882Oracle zero-day defect amplifies panic over Clopās data theft attack spree
The notorious ransomware group exploited multiple vulnerabilities, including a zero-day, for at least eight weeks before alleged victims received extortion demands.
3 weeks ago
Clop Ransomware Hits Oracle Customers Via Zero-Day
The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability.
3 weeks ago
Help Net SecurityCVE-2025-61882Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882) - Help Net Security
The Cl0p extortion gang exploited multiple Oracle E-Business Suite vulnerabilities, including one zero-day (CVE-2025-61882), to steal data.
3 weeks ago
The Hacker NewsCVE-2025-61882Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle releases an emergency fix for CVE-2025-61882 after Cl0p exploits critical EBS flaw.
3 weeks ago
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked asĀ CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks.
4 weeks ago