CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

Cl0p-linked hackers exploited a zero-day flaw in Oracle’s E-Business Suite (EBS) software since August 9, 2025, impacting dozens of organizations. The attackers leveraged multiple vulnerabilities, including a zero-day flaw (CVE-2025-61882), to breach networks and exfiltrate sensitive data. The campaign, which began in earnest on September 29, 2025, involved a high-volume email campaign demanding ransom for the stolen information.