同社はアドバイザリの公表に先立ち、現地時間2025年10月3日に「Oracle E-Business Suite」の一部利用者に脅迫メールが届いていると説明。標的とされた脆弱性について、Oracleの説明では2025年7月の四半期定例パッチで修正済みとし、既知の脆弱性が悪用されたとの見方を示していた。

The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks ...

Oracle patched a zero-day vulnerability in Oracle E-Business Suite and urged customers to immediately install the fix. The ...

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to ...

2025年10月に入って発表された「Oracle E-Business Suite」の脆弱性をはじめ、7件の脆弱性を「悪用が確認された脆弱性カタログ（KEV）」へ追加。米国内の行政機関へ指定期間内に対応するよう求めるとともに、広く注意喚起を行った。

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, ...

Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data.

Oracle has rushed out an emergency patch for its E-Business Suite to deal with a zero-day threat already being exploited in ...

Information about the vulnerability exposed by EBS portals is spreading, raising likelihood of new attacks, experts warn.

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that ...

Security boffins say the Clop cybercriminal gang has been rummaging through Oracle's E-Business Suite (EBS) for months – and ...

The data extortion campaign targeting Oracle E-Business Suite customers is connected to vulnerabilities addressed by the ...