Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks - SecurityWeek

The Cl0p ransomware group exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite, stealing data from customers and sending extortion emails. The vulnerability, impacting versions 12.2.3-12.2.14, allows remote code execution and has a CVSS score of 9.8. Oracle has released patches and indicators of compromise for affected customers.

Edward Kiledjian @ekiledjian