Oracle EBS Attack Victims May Be More Numerous Than Expected www.darkreading.com/vulnerabi…
The list of enterprises targeted by recent Oracle EBS attacks may also include Schneider Electric, Pan American Steel, and Cox Enterprises.
Earlier this month, the infamous ransomware-as-a-service gang Clop targeted customers affected by the critical Oracle E-Business Suite (EBS) zero-day vulnerability CVE-2025-61882. The flaw enables an unauthenticated attacker to remotely access and compromise Oracle Concurrent Processing. Exploiting this vulnerability can lead to follow-on activity such as data theft and possibly extortion. And in this case, early instances of extortion are part of the reason this zero-day came to light.
