Investigation points to flaws patched in July security update.

Oracle confirmed that attackers exploited previously identified vulnerabilities addressed in its July 2025 Critical Patch Update, which included nine fixes for E-Business Suite. Extortion emails sent to executives claim data theft and appear to come from the Cl0p cybercrime group, using accounts previously linked to the FIN11 gang. Both groups have a history of launching campaigns that exploit vulnerabilities in widely-used software handling sensitive data, including zero-day attacks on file transfer products.

Read more:

https://www.securityweek.com/oracle-says-known-vulnerabilities-possibly-exploited-in-recent-extortion-attacks/