Oracle 0-Day Exploited by Cl0p Ransomware Group

Cyber Security News by CyberSum.net

Published on October 9, 2025 at 03:01 AM

2 sources

Threat actors tied to the Cl0p ransomware group have exploited a zero-day flaw in Oracle E-Business Suite to facilitate data theft. The vulnerability, tracked as CVE-2025-61882, allows unauthenticated attackers to compromise and control the Oracle Concurrent Processing component. Multiple vulnerabilities were exploited, including those patched in previous updates. The group has been active in stealing large amounts of data from several victims.

Also Read

PassiveNeuron Cyberespionage Campaign Resurfaces with New Tactics

The PassiveNeuron cyberespionage campaign has re-emerged after a six-month hiatus, targeting government, financial, and industrial organizations with sophisticated malware. The campaign primarily exploits Microsoft SQL servers to gain initial access, leveraging vulnerabilities or brute-forcing credentials. Attackers deploy ASPX web shells and adapt their techniques to evade detection, using custom malware like Neursite and NeuralExecutor. The campaign's persistence and targeted nature highlight the need for robust SQL injection defenses and comprehensive web shell detection.

By Cyber Security News by CyberSum.netOctober 21, 2025 at 09:00 PM