Clop Hackers Caught Exploiting Oracle Zero-Day Bug to Steal Executives' Personal Data
Oracle has fixed a zero-day vulnerability in its E-Business Suite that hackers are currently exploiting to steal sensitive data about corporate executives. The tech giant released a new patch over the weekend, urging customers to install it as soon as possible.
According to Oracle's chief security officer Rob Duhart, the bug, tracked officially as CVE-2025-61882, can be exploited over a network without requiring a username and password. "We urge all our customers to update their systems immediately," Duhart said in an updated post on the company's website.
The vulnerability affects thousands of organizations worldwide that use Oracle's E-Business Suite to run their businesses, including storing customer data and employee HR files. The bug is considered a zero-day because it was exploited before Oracle had time to patch it.
Oracle provided several indicators of compromise to help customers identify evidence of hackers on their systems. "We are working closely with our customers to ensure they have the necessary tools to detect and prevent this type of attack," Duhart said.
The Clop hacking group is believed to be behind the exploitation of the vulnerability, which has been used to steal sensitive data from executives at various companies. The group's tactics have raised concerns among cybersecurity experts, who warn that such attacks can have serious consequences for businesses and individuals.
Oracle's E-Business Suite is a widely used business software product that provides a range of functionalities, including financial management, supply chain management, and human capital management. The vulnerability was discovered after hackers began exploiting it to steal sensitive data from executives at various companies.
The incident highlights the importance of regular security updates and patches for businesses using Oracle's E-Business Suite. "This is a wake-up call for all organizations that use this software," said cybersecurity expert Mark Stanislav. "They need to take immediate action to protect themselves from these types of attacks."
Oracle has assured customers that it will continue to work closely with them to ensure they have the necessary tools and support to prevent similar attacks in the future.
Oracle's patch is now available for download on its website, and customers are advised to install it as soon as possible. The company has also set up a dedicated page for customers to report any suspicious activity related to the vulnerability.
The incident serves as a reminder of the importance of cybersecurity and the need for businesses to stay vigilant against emerging threats. As the threat landscape continues to evolve, companies must remain proactive in their approach to security to protect themselves from such attacks.
Additional Perspectives:
Cybersecurity expert Mark Stanislav warned that the incident highlights the importance of regular security updates and patches for businesses using Oracle's E-Business Suite. "This is a wake-up call for all organizations that use this software," he said. "They need to take immediate action to protect themselves from these types of attacks."
Current Status:
Oracle has fixed the vulnerability with a new patch, which is available for download on its website. Customers are advised to install it as soon as possible and report any suspicious activity related to the vulnerability.
Next Developments:
As the threat landscape continues to evolve, companies must remain proactive in their approach to security to protect themselves from such attacks. Oracle will continue to work closely with its customers to ensure they have the necessary tools and support to prevent similar attacks in the future.
*Reporting by TechCrunch.*