Clop exploited Oracle zero-day for data theft since early August

The Clop ransomware gang has been exploiting a recently patched Oracle E-Business Suite zero-day, CVE-2025-61882, for data theft since August. Multiple threat actors are likely involved in targeting unpatched Oracle EBS systems for extortion and data leaks. #Clop #OracleEBS #CVE-2025-61882 #GRACEFULSPIDER

Key points

  • The Clop gang exploited a zero-day vulnerability in Oracle E-Business Suite starting in early August 2025.
  • The flaw, CVE-2025-61882, allows unauthenticated remote code execution through a specific HTTP request.
  • Oracle released a patch for the vulnerability over the weekend and urged customers to apply it immediately.
  • Threat groups, including Clop, are using this vulnerability for data theft and extortion campaigns.
  • Ongoing investigations suggest possible involvement of multiple cybercrime groups exploiting this flaw.

Read More: https://www.bleepingcomputer.com/news/security/oracle-zero-day-exploited-in-clop-data-theft-attacks-since-early-august/