JD Supra

Oracle Zero-Day Exploited by Cl0p

Oracle has confirmed that the threat actor group Cl0p is actively exploiting a zero-day vulnerability in the Oracle E-Business Suite product, versions 12.2.3-12.2.14. On October 4, 2025, Oracle ...
Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
ZDNet

Recent Oracle WebLogic zero-day used to infect servers with ransomware

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...