Dark Reading

Oracle EBS Attack Victims May Be More Numerous Than Expected

The list of enterprises targeted by recent Oracle EBS attacks may also include Schneider Electric, Pan American Steel, and Cox Enterprises. Earlier this month, the infamous ransomware-as-a-service ...
theregister

American Airlines subsidiary Envoy caught in Clop's Oracle EBS raid

Envoy Air, an American Airlines subsidiary, has confirmed that it was among the dozens of organizations compromised via Oracle E-Business Suite (EBS) security flaws, following claims by Clop ...
heise online

E-Business Suite: Oracle secures software again out-of-band

Ransomware extortion attempts targeting users of Oracle's E-Business Suite were recently made public. The attackers' entry point: the critically rated zero-day security vulnerability CVE-2025-61882 ...
CSOonline

Oracle issues second emergency patch for E-Business Suite in two weeks

Information disclosure flaw, CVE-2025-61884, emerges weeks after zero-day attacks, raising questions about broader security issues in Oracle’s flagship ERP platform. Oracle has issued its second ...
Bleeping Computer

Oracle releases emergency patch for new E-Business Suite flaw

Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. Tracked as ...
SecurityWeek

Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data

It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild. Oracle over the weekend announced the availability of a patch ...
Channel NewsAsia Singapore

Google says 'likely over 100' affected by Oracle-linked hacking campaign

WASHINGTON :Google said on Thursday that there were likely to be more than 100 companies affected by an ambitious hacking campaign that targeted Oracle's suite of business products, an early ...
SecurityWeek

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks. More information has come to light on the recently patched Oracle E-Business Suite (EBS) zero-day, ...
theregister

Clop raid on Oracle E-Business Suite started months ago, researchers warn

Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and now the exploit code's out there for anyone to grab. Oracle's EBS ...
Infosecurity-magazine.com

NCSC: Patch Critical Oracle EBS Bug Now

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the notorious Clop ransomware group has exploited the bug in attacks as a ...
Security Boulevard

CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities

Following reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild. Tenable’s Research Special ...