Oracle E-Business Suite Zero-Day Under Active Attack

Oracle has released an emergency patch for a critical zero-day vulnerability in its E-Business Suite software. The flaw, tracked as CVE-2025-61882, allows attackers to exploit systems remotely without needing a username or password. The prolific hacking group Clop is actively abusing this vulnerability in a mass exploitation campaign to steal sensitive corporate data. Following the data theft, the attackers are sending extortion emails to corporate executives, demanding payment to prevent their personal information from being published online. Oracle is urging all customers to apply the update immediately to protect against these ongoing data theft and extortion attacks.

Latest mentioned: 10-06

Earliest mentioned: 10-06

Sources

securityweek.com techcrunch.com cybersum.net

Also Read

PhantomRaven Supply-Chain Attack Infects npm Ecosystem

Koi Security has discovered a massive supply-chain attack called PhantomRaven, which has infected the npm ecosystem with 126 malicious packages downloaded over 86,000 times. The campaign, active since August 2025, steals npm authentication tokens, GitHub credentials, and CI/CD secrets by concealing malicious code in dependencies. The attackers used Remote Dynamic Dependencies (RDD) to bypass security scanners, making the packages appear harmless. The malware executed automatically during installation, performing aggressive reconnaissance and exfiltration. Koi Security noted the use of AI-driven slopsquatting to create plausible-sounding package names, tricking developers into trusting malicious packages.

10-31Read more →