Ransomware: Tactical Evolution Fuels Extortion Epidemic

The 2025 cyber-extortion epidemic reached record levels driven by a rise in encryptionless extortion—attackers increasingly steal data (often via zero-days or supply-chain weaknesses) and threaten leaks instead of using encryption. This trend coexists with persistent ransomware activity and the rapid expansion of actors such as Akira and Qilin following the disruption of LockBit and RansomHub. #Snakefly #OracleEBS

Top 10 Ransomware Groups of 2025

The ransomware ecosystem in 2025 fragmented rather than collapsed: affiliates became more independent, groups blurred their boundaries, and operators shifted toward identity abuse, supply-chain compromise, and data-first extortion. Long dwell times, widespread exploitation of enterprise software, and high victim impact (with Fortinet reporting 73% of organizations hit and low full-recovery rates) show the threat evolved into quieter, more targeted campaigns. #ScatteredLapsusHunters #OracleEBS

Cybersecurity News | Daily Recap [31 Dec 2025]

Daily recap: critical patch notices cover an IBM API Connect authentication bypass that could expose protected services and a critical SmarterMail flaw (CVE-2025-52691) enabling unauthenticated RCE on vulnerable servers, with CISA ordering patches for the MongoBleed flaw following observed intrusions that affected Oracle EBS deployments including Korean Air and the University of Phoenix. The European Space Agency confirmed a breach of external servers, Disney agreed to pay $10 million to settle child data privacy claims related to YouTube content, and two ALPHV/BlackCat ransomware operators pleaded guilty. New info-stealers and malvertising campaigns (ErrTraffic, Lumma, Vidar, Cerberus, and Zoom Stealer) illustrate ongoing threat activity, alongside Intellexa Predator sanctions being reversed. #IBMAPIConnect #CVE2025_52691 #MongoBleed #OracleEBS #KoreanAir #UniversityofPhoenix #EuropeanSpaceAgency #Disney #ALPHV #BlackCat #ErrTraffic #Lumma #Vidar #Cerberus #ZoomStealer #Intellexa #Predator

Latest Oracle EBS Victims Include Korean Air, University of Phoenix

Victims of the CL0P ransomware group’s August campaign, including Korean Air and the University of Phoenix, are still dealing with data breaches affecting millions of individuals. CL0P continues to exploit vulnerabilities in file sharing services, expanding its reach beyond Oracle E-Business Suite. #CL0P #OracleEBS #KoreanAir #UniversityOfPhoenix #Fin11…

3.5 Million Affected by University of Phoenix Data Breach

A recent cyberattack exploiting zero-day vulnerabilities in Oracle E-Business Suite has compromised sensitive data of millions, including students and staff at major universities and organizations. The attack, linked to the Cl0p ransomware group and the FIN11 threat group, has led to widespread data exfiltration with several institutions affected. #OracleEBS #FIN11…

University of Phoenix data breach impacts nearly 3.5 million individuals

The Clop ransomware gang compromised the University of Phoenix’s network, stealing personal and financial data of nearly 3.5 million individuals using a zero-day vulnerability in Oracle E-Business Suite. This attack is part of a larger campaign affecting multiple U.S. universities and highlights the dangers of zero-day exploits in critical systems. #Clop #OracleEBS #UniversityofthePhoenix #DataBreach

University of Phoenix says ‘numerous individuals’ impacted by Oracle EBS breach

The University of Phoenix, along with other educational institutions, has suffered a data breach through a flaw in the Oracle E-Business Suite software exploited by the Clop ransomware group. This incident highlights the vulnerability of large organizations relying on third-party platforms and the ongoing threat from cybercriminals targeting sensitive data. #OracleEBS…

Penn and Phoenix Universities Disclose Data Breach After Oracle Hack

This article discusses a widespread cyberattack targeting Oracle’s E-Business Suite, affecting multiple universities including the University of Pennsylvania and the University of Phoenix. The breach exposed sensitive personal data of thousands and highlights ongoing threats from the Cl0p ransomware group and other threat actors. #OracleEBS #Cl0p #FIN11 #UniversityOfPennsylvania #UniversityOfPhoenix…


Over 35,000 individuals had their personal information compromised due to a cyberattack targeting Dartmouth College’s use of Oracle E-Business Suite software. Multiple organizations, including Harvard, Cox Enterprises, and military and educational institutions, confirmed data breaches related to a Russian cybercriminal operation exploiting a zero-day vulnerability. #OracleEBS #ClopGang…

Harvard reports vishing breach exposing alumni and donor contact data

Harvard University experienced a data breach through a vishing attack targeting its Alumni Affairs and Development systems, exposing personal contact and donation information. The incident also involved a limited breach related to the Cl0p ransomware group, which leaked additional data from Harvard’s Oracle E-Business Suite. #Vishing #Cl0p #HarvardAlumni #OracleEBS…

Dartmouth College confirms data breach after Clop extortion attack

Dartmouth College has suffered a data breach caused by the Clop gang exploiting a zero-day vulnerability in Oracle E-Business Suite, leading to the theft of personal and financial information of affected individuals. The incident is part of a widespread extortion campaign targeting multiple organizations using the same zero-day flaw. #Clop #OracleEBS #DataBreach #Harvard #GlobalLogic
