Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Summary

Oracle has fixed a zero-day vulnerability in one of its flagship business software products that a hacking group is currently abusing to steal personal information about corporate executives. In a brief post updated over the weekend, Oracle chief security officer Rob Duhart said the tech giant released a new patch to fix a vulnerability in its Oracle E-Business suite, and urged customers to install the update as soon as possible. The security advisory said the bug, tracked officially as CVE-2025-61882, can be “exploited over a network without the need for a username and password.” The advisory provided several so-called indicators of compromise to help Oracle customers identify evidence of hackers on their systems, suggesting that hackers are currently exploiting the vulnerability to steal customers’ sensitive data. Oracle says thousands of organizations around the world use its E-Business Suite to run their companies, including storing their customer data and their employees’ human resources files. The bug is known as a zero-day because Oracle, in this case, was given no time to patch the bug before it was maliciously exploited. Duhart’s updated post is an about-face from earlier this week, when a previous version of his post said Oracle was aware that some executives “have received extortion emails” linked to previously identified vulnerabilities patched in July, suggesting the extortion campaign was over. The newly identified zero-day bug suggests the hackers continued to exploit flaws in Oracle’s E-Business software that were unknown to Oracle at the time. News of the extortion attempts targeting corporate executives first emerged last week. On October 2, Google security researchers said they found the prolific hacking group called Clop, which has been linked to numerous ransomware attacks and extortion attempts in recent years, was sending emails to Oracle executives around September 29 demanding money to not publish their personal information online. Charles C...