The latest alert comes after reports that the Cl0p ransomware group had exploited other security flaws in the Oracle software suite.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

Oracle disclosed a high-severity vulnerability (CVE-2025-61884) in its E-Business Suite that allows remote exploitation without authentication. The flaw affects versions 12.2.3 through 12.2.14 and could grant unauthorized access to sensitive data. This follows another zero-day vulnerability exploited by the Cl0p ransomware group, which has been targeting Oracle EBS customers for months, exfiltrating data and sending extortion emails to executives. The attacks involve multiple malware payloads and overlap with other cybercrime groups.

Oracle Warns of New EBS Vulnerability That Allows Remote Access