Oracle EBS Hit

Cyber Security News by CyberSum.net

Published on October 5, 2025 at 09:00 PM

17 sources

A widespread email extortion campaign is targeting users of Oracle E-Business Suite, with attackers claiming to have stolen data and demanding payment in exchange for not releasing it. The campaign is believed to be linked to the CL0P ransomware gang, which has been involved in similar attacks in the past. Oracle has confirmed that some of its customers have received extortion emails and is investigating the incident. The company has advised customers to apply the latest security patches and review the security of their EBS instances. The attackers are using previously compromised email accounts to send the extortion emails, making it difficult to track their origin.

Also Read

Spear-Phishing Campaign Targets Automobile and E-commerce Industries

Researchers at SEQRITE Labs have uncovered a targeted spear-phishing campaign aimed at organizations in the automobile and e-commerce industries. The operation, active since early October 2025, deploys a previously undocumented .NET-based backdoor dubbed CAPI, designed for credential theft, system reconnaissance, and persistent access. The attack chain uses tax-related decoy documents to lure employees and executes the payload through rundll32.exe, a legitimate Windows binary, to evade detection. The infection begins with a malicious ZIP archive named Payroll Recalculation as of October 1, 2025. Inside the ZIP, analysts found both LNK and PDF files, a common spear-phishing tactic to disguise executable payloads as legitimate business documents.

By Cyber Security News by CyberSum.netOctober 20, 2025 at 06:00 AM