Close Menu
TechurzTechurz
    What's Hot

    AI law startup Norm raises $120M, hits unicorn valuation

    July 7, 2026

    This startup pits dealerships against each other to bid on your used car

    July 7, 2026

    Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

    July 7, 2026
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Tech Pulse
    • AI law startup Norm raises $120M, hits unicorn valuation
    • This startup pits dealerships against each other to bid on your used car
    • Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom
    • Station F ramps up as a launchpad for Europe’s hottest AI startups
    • Smart glasses maker Even Realities hits $1B valuation with $150M funding led by Meituan, Tencent
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    TechurzTechurz
    • Home
    • Tech Pulse
    • Future Tech
    • AI Systems
    • Cyber Reality
    • Disruption Lab
    • Signals
    TechurzTechurz
    Home - Cyber Reality - Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
    Cyber Reality

    Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

    TechurzBy TechurzOctober 6, 2025Updated:May 10, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Oracle Flaw
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Oct 06, 2025Ravie LakshmananVulnerability / Threat Intelligence

    Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks.

    The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise and take control of the Oracle Concurrent Processing component.

    “This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password,” Oracle said in an advisory. “If successfully exploited, this vulnerability may result in remote code execution.”

    In a separate alert, Oracle’s Chief Security Officer Rob Duhart said the company has released fixes for CVE-2025-61882 to “provide updates against additional potential exploitation that were discovered during our investigation.”

    As indicators of compromise (IoCs), the technology shared the following IP addresses and artifacts, indicating the likely involvement of the Scattered LAPSUS$ Hunters group as well in the exploit –

    News of the Oracle zero-day comes days after reports emerged of a new campaign likely undertaken by the Cl0p ransomware group targeting Oracle E-Business Suite. Google-owned Mandiant described the ongoing activity as a “high-volume email campaign” launched from hundreds of compromised accounts.

    In a post shared on LinkedIn, Charles Carmakal, CTO of Mandiant at Google Cloud, said “Cl0p exploited multiple vulnerabilities in Oracle EBS which enabled them to steal large amounts of data from several victims in August 2025,” adding “multiple vulnerabilities were exploited including vulnerabilities that were patched in Oracle’s July 2025 update as well as one that was patched this weekend (CVE-2025-61882).”

    “Given the broad mass zero-day exploitation that has already occurred (and the n-day exploitation that will likely continue by other actors), irrespective of when the patch is applied, organizations should examine whether they were already compromised,” Carmakal noted.

    (This is a developing story. Please check back for more details.)

    attacks Cl0p CVE202561882 data exploited Oracle patch Rushes Theft
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHeidi Health raises $65M Series B led by Steve Cohen’s Point72
    Next Article I charged my iPhone the ‘Apple way’ for 2 years – here’s the battery condition now
    Techurz
    • Website

    Related Posts

    Opinion

    Omen AI’s plan to optimize data centers is all wet

    June 29, 2026
    Opinion

    AI was supposed to kill engineering jobs, but new data suggests they’re the most resilient

    June 24, 2026
    Opinion

    Collecting robot training data is dirty, unglamorous work. Some AI labs are already paying XDOF to do it.

    June 17, 2026
    Add A Comment
    Latest Tech Pulse

    College social app Fizz expands into grocery delivery

    September 3, 20252,290

    12 Father’s Day E-Card Sites That Are Actually Good

    June 4, 202523

    SolarSquare in talks to raise up to $60M as India’s rooftop solar market draws major VC interest

    May 23, 202622
    Stay In Touch
    • YouTube
    • WhatsApp
    • Twitter
    • Pinterest
    • LinkedIn

    Techurz helps readers stay ahead of digital change with clear, practical, future focused technology intelligence written today,searched tomorrow.

    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Company
    • About Us
    • Contact Us
    • Our Authors / Editorial Team
    • Write For Us
    • Advertise
    Policy
    • Editorial Policy
    • Privacy Policy
    • Terms and Conditions
    • Affiliate Disclosure
    • Cookie Policy
    • Disclaimer
    • DMCA
    Explore
    • AI Systems
    • Cyber Reality
    • Future Tech
    • Disruption Lab
    • Signals
    • Tech Pulse
    • Sitemap

    Join the Techurz Brief

    The future does not arrive suddenly.
    Stay ahead with fast, sharp tech signals.

    Type above and press Enter to search. Press Esc to cancel.