Oracle News Articles
Recent news articles refferecing the vendors vulnerabilities.
CVE-2025-61757: Oracle Identity Manager RCE
Summary of CVE-2025-61757 auth bypass in Oracle Identity Manager enabling unauthenticated RCE, with observed scanning, patch details, and detection tips.
2 weeks ago
CyberSecurityNewsCVE-2025-61882Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon confirms it was targeted in the massive Clop ransomware campaign exploiting a zero-day in Oracle E-Business Suite (CVE-2025-61882).
3 weeks ago
Critical Oracle Identity Manager Flaw Under Attack
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year and a extortion campaign against Oracle E-Business Suite customers.
3 weeks ago
The Cyber ExpressCVE-2025-61757CISA Adds Oracle Identity Manager Vulnerability To KEV
CISA has added an Oracle Identity Manager vulnerability to its Known Exploited Vulnerabilities catalog after SANS reported attack attempts on the flaw.
3 weeks ago
CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability
The cybersecurity agency CISA has confirmed that a recently patched Oracle Identity Manager vulnerability has been exploited in the wild.
3 weeks ago
CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability
The cybersecurity agency CISA has confirmed that a recently patched Oracle Identity Manager vulnerability has been exploited in the wild.
3 weeks ago
GBHackers NewsCVE-2025-61757CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
CISA has added a new Oracle vulnerability to its KEV catalog, warning that attackers are already exploiting, tracked as CVE-2025-61757.
3 weeks ago
GBHackers NewsCVE-2025-61757CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
CISA has added a new Oracle vulnerability to its KEV catalog, warning that attackers are already exploiting, tracked as CVE-2025-61757.
3 weeks ago
Cyber PressCVE-2025-61757CISA Alerts on Oracle Identity Manager RCE Flaw Being Actively Exploited
CISA has issued an urgent warning about a critical remote code execution vulnerability in Oracle Identity Manager that threat actors are actively exploiting.
3 weeks ago
Red Hot CyberCVE-2025-61757Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems
A critical pre-authentication remote code execution vulnerability has been discovered in Oracle Identity Manager, identified as CVE-2025-61757.
3 weeks ago
Security AffairsCVE-2025-61757U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an Oracle Fusion Middleware vulnerability to its Known Exploited Vulnerabilities catalog...
3 weeks ago
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day.
3 weeks ago
Critical Oracle Identity Manager RCE flaw revealed, PoC published
Researchers published proof-of-concept code for authentication bypass and RCE in OIM.
3 weeks ago
Cyber PressCVE-2025-61882Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The group claims to have successfully breached the tech giant's internal systems using a critical zero-day vulnerability in Oracle E-Business Suite (EBS), designated as CVE-2025-61882.
3 weeks ago
CybernewsCVE-2025-61882Cl0p ransomware hacks Oracle exploiting Oracle's own EBS zero-day
Oracle becomes victim to its own E-Business Suite (EBS) zero-day after the Cl0p ransomware claims the company as a victim in the group's own Oracle-fueled hacking spree.
3 weeks ago
GBHackers NewsCVE-2025-61882Clop Ransomware Claims Oracle Breach Using E-Business Suite 0-Day
The notorious Clop ransomware gang, has listed Oracle Corporation on its dark web leak site, claiming to have successfully breached the technology giant's internal systems.
3 weeks ago
CyberSecurityNewsCVE-2025-61882Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant's internal systems.
3 weeks ago
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
A recently patched Oracle Identity Manager vulnerability tracked as CVE-2025-61757 may have been exploited as a zero-day.
3 weeks ago
CyberSecurityNewsCVE-2025-61882Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations worldwide between July and October 2025.
3 weeks ago
CyberSecurityNewsCVE-2025-61882Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied to CVE-2025-61882, marks another high-profile victim in Cl0P’s relentless assault on organizatio...
1 month ago
Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied to CVE-2025-61882, marks another high-profile victim in Cl0P’s relentless assault on organizatio...
1 month ago
CyberScoopCVE-2025-61882Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise.
1 month ago
CyberScoopCVE-2025-61882Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers
The digital engineering services firm said human resources data on nearly 10,500 current and former employees was exposed.
Cyber PressCVE-2025-61882Allianz UK Joins Expanding List of Clop’s Alleged Oracle E-Business Suite Victims
The attackers gained access through the company's EBS system, which manages personal lines business, including home, car, pet, and travel insurance products.
List of Oracle EBS Attack Victims May Be Growing Longer
Evidence suggests that Schneider Electric and others may have fallen prey to zero-day CVE-2025-61882.
CPO MagazineCVE-2025-61882Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability - CPO Magazine
Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day vulnerability CVE-2025-61882 in Oracle’s E-Business Suite software.
BornCityCVE-2025-62641Virtualbox 7.1.12 and 7.2.2: Vulnerability CVE-2025-62641 | Born's Tech and Windows World
[German]It has just been announced that Virtualbox 7.1.12 and 7.2.2 contain the CVE-2025-62641 vulnerability. This could allow attackers to take over the host. There are also other vulnerabilities in these...
varindia.comCVE-2025-61882Harvard Hit in Oracle Zero-Day Ransomware Attack
Harvard University has confirmed it was breached in a ransomware attack exploiting a critical zero-day vulnerability in Oracle's E-Business Suite (EBS), tracked as CVE-2025-61882. The Clop ransomware group...
Techzine GlobalCVE-2025-61884CISA: Oracle vulnerability is being actively exploited
CISA forces federal organizations to install Oracle patch for actively exploited SSRF vulnerability. Oracle does not confirm exploitation.
US cyber agency adds 5 known exploited vulnerabilities to KEV listing
Multiple Apple products and Oracle’s E-Business Suite feature in CISA’s latest addition to the KEV catalogue.
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog.
U.S. CISA adds Oracle, Windows, Kentico, Apple flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Oracle, Windows, Kentico, and Apple vulnerabilities to its Known Exploited Vulnerabilities catalog.
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability
CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.
CISA Adds Microsoft, Oracle Vulnerabilities To KEV Catalog
CISA added Microsoft, Apple and Oracle vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog today. Here are the details.
The Hacker NewsFive New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets
CISA adds five exploited vulnerabilities, including Oracle, Microsoft, Kentico, and Apple flaws, requiring fixes by Nov 10, 2025.
Harvard says ‘limited number of parties’ impacted by breach linked to Oracle zero-day
Harvard University said a recent incident that is impacting Oracle E-Business Suite customers impacted a "limited number of parties associated with a small administrative unit."
The420.inCVE-2025-61882Harvard University Confirms Data Breach Linked to Oracle Zero-Day Exploit
Harvard confirms breach tied to Oracle E-Business Suite zero-day flaw exploited by Clop ransomware. FBI urges urgent patching worldwide.
Harvard University Breached in Oracle Zero-Day Attack
The Clop ransomware group claimed responsibility for stealing the university's data as part of a broader campaign against Oracle customers.
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group.
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group.
Security AffairsCVE-2025-61884Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884.
csoonline.comCVE-2025-61884Oracle issues second emergency patch for E-Business Suite in two weeks
Information disclosure flaw, CVE-2025-61884, emerges weeks after zero-day attacks, raising questions about broader security issues in Oracle’s flagship ERP platform.
Arctic WolfCVE-2025-61884CVE-2025-61884 | Arctic Wolf
Oracle has released an emergency fix for a high-severity information disclosure vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61884
Techzine GlobalCVE-2025-61884Emergency patch for vulnerability in Oracle E-Business Suite
Oracle releases emergency patch for critical CVE-2025-61884 vulnerability in E-Business Suite that gives attackers access without authentication.
Oracle Fixes New E-Business Suite Flaw As CL0P Hits Harvard
While there is no connection to CL0P’s attacks on CVE-2025-61882, Oracle has rushed out a patch for a new E-Business Suite flaw, CVE-2025-61884.
Oracle releases emergency patch for new E-Business Suite flaw
Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers.
CVE-2025-61884: Novel Oracle E-Business Suite Vulnerability Enables Remote Theft of Sensitive Data Without Login | SOC Prime
Explore CVE-2025-61884 analysis, a new critical, easily exploitable Oracle EBS vulnerability, with the details on our SOC Prime blog.