Cl0p
-
Google and Mandiant: Zero-day in Oracle E-Business Suite likely impacted dozens of organisations
Google Threat Intelligence Group and Mandiant reported that the exploitation of a zero-day in Oracle E-Business Suite likely affected dozens of organisations, using multiple vulnerabilities and post-exploitation tooling linked to Cl0p-styled extortion campaigns; investigators said Oracle has released patches and some investigative details remain unclear.
-
Oracle issues emergency patch for critical E-Business Suite flaw tied to Cl0p attacks
Oracle issued an emergency update for a critical E-Business Suite vulnerability, CVE-2025-61882 (CVSS 9.8), which the article said has been exploited in recent Cl0p data thefts; Oracle and Mandiant have urged organisations to apply fixes and investigate possible prior compromise.
