The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, 2025.
Security Boulevard

CVE-2025-61882 Explained: The Oracle Zero-Day Breach That Hit Enterprises Hard

A critical zero-day vulnerability in Oracle E-Business Suite (EBS) was exploited by the Cl0p ransomware group in mid-2025.