Oracle
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. GeekFeed previously reported that CVE-2025-61884 is an unauthenticated server-side request forgery (SSRF) vulnerability in the Oracle Configurator runtime component, which was linked to a leaked exploit used in July attacks. The US cybersecurity […]
Clop exploited Oracle zero-day for data theft since early August
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. Tracked as CVE-2025-61882 and patched by Oracle over the weekend, this vulnerability was discovered in the BI Publisher Integration component of Oracle EBS’s Concurrent Processing component, allowing unauthenticated attackers […]
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. While the company has yet to attribute the attack to this ransomware operation, Rob Duhart, the Chief Security Officer of Oracle, confirmed that customers had received extortion emails from the gang. Duhart also […]
CISA warns of increased breach risks following Oracle Cloud leak
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. CISA said, “the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across separate, unaffiliated systems, or […]
Oracle says “obsolete servers” hacked, denies cloud breach
Oracle finally confirmed in email notifications sent to customers that a hacker stole and leaked credentials that were stolen from what it described as “two obsolete servers.” However, the company added that its Oracle Cloud servers were not compromised, and this incident did not impact customer data and cloud services. “Oracle would like to state […]
Oracle privately confirms Cloud breach to customers
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a “legacy environment” last used in 2017, Bloomberg reported. However, while Oracle told clients this is old legacy data that is not sensitive, the threat actor behind the attack has shared data with GeekFeed from the end of 2024 […]
Oracle Health breach compromises patient data at US hospitals
A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. Oracle Health has not yet publicly disclosed the incident, but in private communications sent to impacted customers and from conversations with those involved, GeekFeed confirmed that patient data was stolen in the attack. Oracle […]
Oracle customers confirm data stolen in alleged cloud breach is valid
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, GeekFeed has confirmed with multiple companies that associated data samples shared by the threat actor are valid. Last week, a person named ‘rose87168’ claimed to have breached Oracle Cloud servers and began selling the alleged […]
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company’s Oracle Cloud federated SSO login servers. “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any […]
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. The cybersecurity agency added a critical path traversal vulnerability (CVE-2024-41713) found in the NuPoint Unified Messaging (NPM) component Mitel’s MiCollab unified communications platform to its Known Exploited Vulnerabilities Catalog. […]