The Oracle E-Business Suite incident highlights a severe cyberattack that has compromised critical vulnerabilities in enterprise resource planning systems, impacting approximately 100 organizations. The Clop ransomware group, linked to the financially motivated actor FIN11, exploited CVE-2025-61882, enabling unauthenticated remote code execution. This attack is particularly concerning given the reliance of organizations on Oracle EBS for essential operations such as finance and HR.
Victims include notable names like Harvard University and American Airlines’ subsidiary Envoy Air, with extensive data leaks threatening sensitive corporate data. The sophisticated approach employed by attackers features a pre-patch exploitation window, where they capitalized on the vulnerability even before Oracle released fixes. The breach underscores the necessity for systemic security across organizations to guard against future threats, emphasizing enhanced proactive security measures and thorough patch management.
👉 Pročitaj original: Cyber Security News
