Home
Our Services
Free resources
- Privacy Research
  Free to use data privacy research
  Key Capabilities
  Latest privacy news tracking
  Product versions
  Latest privacy news tracking
  Track the latest news, breaches and fines
  Key features
  Tracks the latest breaches and fines
  View by industry
  View by breach method
  View by privacy topic
  Links to original articles
  Free to use
  
  Learn more »
  Latest Threat Intelligence
  Product versions
  Latest Threat Intelligence
  Track the Common Vulnerability Exposures (CVEs)
  Key features
  Tracks the latest vulnerabilities
  View by company
  View by breach method
  Links to NVD
  Free to use
  
  Learn more »
  Breach modelling and ROI calculator
  Product versions
  Breach modelling and ROI calculator
  Model what a breach would look like for you in your industry and use this to calculate your return on investment
  Key features
  Model your breach
  Assess the severity
  Compare by industry
  Breakdown costs
  Export to your business plan
  Free to use
  
  Learn more »
Privacy news
Company
- About Us
- FAQ
- Contact Us

Oracle links Clop extortion attacks to July 2025 vulnerabilities

pCrowdStrike catches insider feeding information to hackersppNvidia confirms October Windows updates cause gaming issuesppFCC rolls back cybersecurity rules for telcos despite statehacking risksppCISA warns Oracle Identity Manager RCE flaw is being actively exploitedppGoogle enables PixeltoiPhone file sharing via Quick Share AirDropppEnterprise password security and secrets management with Passwork 7ppIberia discloses customer data leak after vendor security breachppNew Costco Gold Star Members also get a 40 Digital Costco Shop CardppHow to access the Dark Web using the Tor BrowserppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppeLearningppIT Certification CoursesppGear GadgetsppSecurityppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppppOracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to EBusiness Suite EBS vulnerabilities that were patched in July 2025ppWhile the company has yet to attribute the attack to this ransomware operation Rob Duhart the Chief Security Officer of Oracle confirmed that customers had received extortion emails from the gangppDuhart also urged Oracle customers to update their software and advised those requiring further assistance to contact the Oracle support teamppOracle is aware that some Oracle EBusiness Suite EBS customers have received extortion emails Duhart said in a Thursday statement Our ongoing investigation has found the potential use of previously identified vulnerabilities that are addressed in the July 2025 Critical Patch Update Oracle reaffirms its strong recommendation that customers apply the latest Critical Patch UpdatesppAlthough it didnt pinpoint a specific vulnerability that could have been exploited Oracle addressed nine security flaws impacting its EBusiness Suite as part of its July 2025 Critical Patch Update three of them CVE202530745 CVE202530746 and CVE202550107 exploitable remotely without requiring user credentialsppMandiant and the Google Threat Intelligence Group GTIG told BleepingComputer this week that executives at multiple companies have received emails requesting ransoms to prevent sensitive data allegedly stolen from their Oracle EBusiness Suite systems from being leaked onlineppAccording to Genevieve Stark the head of GTIGs cybercrime unit the attackers began sending these extortion emails on or before September 29 2025 and the threat analysts are still investigating this malicious activityppWe are CL0P team If you havent heard about us you can google about us on internet We have recently breached your Oracle EBusiness Suite application and copied a lot of documents All the private files and other information are now held on our system an extortion email shared with BleepingComputer readsppWhile Mandiant Chief Technology Officer Charles Carmakal stated that there is insufficient evidence to determine if data has actually been stolen the Clop gang claimed in a statement shared with BleepingComputer that they are involved in the extortion campaign linking the attacks to a bug in an Oracle productppSoon all will become obvious that Oracle bugged up their core product and once again the task is on clop to save the day We do not damage to systems and only expect payment for services we provide to protect hundreds of biggest companies in world Clop saidppClops claims follow the extortion of dozens of victims in January who were breached in a massive wave of data theft attacks targeting a zeroday vulnerability CVE202450623 in Cleos secure file transfer softwareppPreviously the cybercrime group was linked to multiple other data theft campaigns targeting zeroday flaws in Accellion FTA GoAnywhere MFT and MOVEit Transfer with the latter impacting over 2770 organizations worldwideppThe US State Department now offers a 10 million reward for any information linking Clop ransomware attacks to a foreign governmentppAs MCP Model Context Protocol becomes the standard for connecting LLMs to tools and data security teams are moving fast to keep these new services safeppThis free cheat sheet outlines 7 best practices you can start using todayppClop extortion emails claim theft of Oracle EBusiness Suite datappLogitech confirms data breach after Clop extortion attackppAmerican Airlines subsidiary Envoy confirms Oracle data theft attackppClop exploited Oracle zeroday for data theft since early AugustppOracle patches EBS zeroday exploited in Clop data theft attacksppNot a member yet Register NowppCrowdStrike catches insider feeding information to hackersppWhatsApp API flaw let researchers scrape 35 billion accountsppMicrosoft Outofband update fixes Windows 11 hotpatch install loopppWhy your DevOps stack data might be more vulnerable than you think and how to address itppWorried about finance scams Get Avast Free Antivirus with intelligent online scam detectionppGet The CISOs Guide to Stopping Ransomware with PhishingResistant MFAppCMMC Made Simple Get auditready with Huntressfaster easier and more affordableppReview of Passwork Affordable EnterpriseGrade Password ManagerppEmpowering IT teams with intelligencedriven cyber threat researchppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2025 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp

Read the original article 3 Oct 2025

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Oracle links Clop extortion attacks to July 2025 vulnerabilities