Clop Ransomware Exploits Oracle EBS Zero-Day for Data Theft

Cyber Security News by CyberSum.net

Published on October 8, 2025 at 11:23 PM

2 sources

The Clop ransomware group has been exploiting a zero-day vulnerability in Oracle E-Business Suite since August 2025. The flaw, tracked as CVE-2025-61882, allows unauthenticated attackers to execute arbitrary commands. Security researchers warn of widespread exploitation and urge immediate patching. The attack involves chaining multiple vulnerabilities to gain control over Oracle EBS systems.

Also Read

GlassWorm Malware Targets Developers via OpenVSX and VS Code

A new supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm. The malware, installed an estimated 35,800 times, hides its malicious code using invisible characters and spreads using stolen account information. It uses the Solana blockchain for command-and-control, making takedown difficult, with Google Calendar as a backup option. The malware steals credentials for GitHub, npm, and OpenVSX accounts, as well as cryptocurrency wallet data from 49 extensions. It also deploys a SOCKS proxy and installs VNC clients for invisible remote access. The final payload, called ZOMBI, turns infected systems into nodes for cybercriminal activities.

By Cyber Security News by CyberSum.netOctober 20, 2025 at 09:00 PM