The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, 2025.

Oracle patches EBS zero-day exploited in Clop data theft attacks

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively ...

FBI Is Warning Companies To Patch Their Oracle Databases Immediately

Oracle zero-day vulnerabilities are being targeted by at least one major cybercrime group and the FBI says it's looking bad.

Oracle links Clop extortion attacks to July 2025 vulnerabilities

Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025.
InfoWorld

Google enhances debugging, performance in Opal, its low-code AI-based app builder

Opal is being rolled out to 15 countries, including Canada, India, Japan, South Korea, Vietnam, Indonesia, Brazil, Singapore, and Colombia.
SecurityWeek

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

The Oracle EBS zero-day CVE-2025-61882 has been exploited since at least August 9 and hundreds of instances may still be vulnerable.

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle fixes another security flaw that Clop hackers were using to steal sensitive personal information about executives as part of a mass-extortion campaign.