Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Briefly

"Dozens of Orgs Impacted by Exploitation of Oracle EBS Flaw - Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, according to Google Threat Intelligence Group (GTIG) and Mandiant. The activity, which bears some hallmarks associated with the Cl0p ransomware crew, is assessed to have fashioned together multiple distinct vulnerabilities, including a zero-day flaw tracked as CVE-2025-61882 (CVSS score: 9.8), to breach target networks and exfiltrate sensitive data."
"Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly - one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week's edition looks at how attackers are changing the game - linking different flaws, working together across borders, and even turning trusted tools into weapons."
Attackers increasingly initiate breaches through single overlooked flaws, stolen credentials, or unencrypted backups and escalate before detection. Threat actors are chaining distinct vulnerabilities and collaborating across borders to craft multi-stage attack chains that exfiltrate data and deploy ransomware. Oracle E-Business Suite suffered zero-day exploitation (CVE-2025-61882) that enabled network breaches and the deployment of payload families such as GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE, while Oracle released updates for an additional EBS vulnerability (CVE-2025-61884). Microsoft-tracked Storm-1175 exploited GoAnywhere MFT (CVE-2025-10035) to launch opportunistic, multi-stage attacks including Medusa ransomware, impacting the transportation, education, retail, insurance, and manufacturing sectors.
Read at The Hacker News