thecyberexpress

Latest Oracle EBS Victims Include Korean Air, University of Phoenix

Victims of the CL0P ransomware group’s August campaign targeting Oracle E-Business Suite vulnerabilities are still coping with the aftermath of the cyberattacks, as Korean Air and the University of ...
Government Technology

Oracle Hack Impacts 3.5M Associated With University of Phoenix

The University of Phoenix has confirmed it suffered a data breach affecting 3.5 million people. According to the university’s statement, attackers obtained names, contact information, dates of birth, ...
CPO Magazine

Dartmouth College Impacted by Oracle E-Business Suite Data Breach

Dartmouth College has confirmed it was the victim of a zero-day data breach via Oracle’s E-Business Suite (EBS) applications, after the Clop ransomware gang leaked its stolen data. “We recently ...
Dark Reading

Oracle EBS Attack Victims May Be More Numerous Than Expected

The list of enterprises targeted by recent Oracle EBS attacks may also include Schneider Electric, Pan American Steel, and Cox Enterprises. Earlier this month, the infamous ransomware-as-a-service ...
CPO Magazine

Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability

Harvard University and Envoy have confirmed they were breached via zero-day vulnerability in Oracle’s E-Business Suite (EBS) products. CVE-2025-61882 is a critical vulnerability (CVSS v3 9.8) in the ...
Dark Reading

Harvard University Breached in Oracle Zero-Day Attack

Harvard University confirmed that it fell victim to an attack exploiting the recently disclosed zero-day vulnerability in Oracle's E-Business Suite (EBS) system. The critical vulnerability, tracked as ...
Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
CSOonline

Oracle issues second emergency patch for E-Business Suite in two weeks

Information disclosure flaw, CVE-2025-61884, emerges weeks after zero-day attacks, raising questions about broader security issues in Oracle’s flagship ERP platform. Oracle has issued its second ...
SecurityWeek

Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data

It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild. Oracle over the weekend announced the availability of a patch ...
thecyberexpress

Oracle Patches New E-Business Suite Flaw as CL0P Claims Harvard as Victim

Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 ...
The Hacker News

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data. The vulnerability, tracked as ...
Infosecurity-magazine.com

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

The Clop ransomware group likely began targeting Oracle E-Business Suite (EBS) instances as early as August 9, successfully exfiltrating a “significant amount” of data new insights from Google Threat ...