Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Oracle has fixed a vacant-day weakness in his flagship business software products that a hacking group is currently abusing to steal personal information about corporate executives.
In A short post Updated on the weekend, Oracle Chief Security Officer Rob Duhart says the Tech Giant has released a new patch to solve his Oracle e-Business Suite and urged customers to install the update as soon as possible.
The Protection consultation The Bug as the CVE -2025-61882 has officially tracked the bug says, “Any username and password can be used through a network without need for password.” This consultant provided a number of so -called indexes to help customers to detect the evidence of hackers on their system, which suggests that hackers are currently impossible to steal customer sensitive data.
Oracle Say Thousands of companies around the world use their e-business suits to manage their customers’ data and their employee’s human resources files.
The bug is known as A Zero-day Because Oracle, in this case the bug was not given any time to patches before exploiting.
Duhart’s updated post is an almost face at the beginning of this week, when a previous version of his post said that Oracle was aware that some executive had received “extortion emails” with previously identified weaknesses in July, which suggested that extortion expedition had ended. The newly identified Zero-Day buggy suggests that hackers used to use errors in Oracle’s e-business software that was unknown to Oracle at that time.
The news of extortion efforts aimed at corporate executives was first published last week.
October 2, Google Protection Researchers said they found the hacking group known as Klopp, which has been associated with numerous Ransomware attacks And Extortion In recent years, was Sending the email Oracle Executives Demanding money not to disclose their personal information online on September 28th.
Google’s Events Response Unit Mandient Chief Technology Officer Charles Carmakal said at one Post on Sunday on LinkedIn The weaknesses of Oracle’s e-business software were being used to promote a “mass exploitation” for data theft and extortion.
Carmakal said after the release of July patchs, most exploitation occurred during August.
“Klopp has been sending extortion to several victims since last Monday,” but mentioned that hackers have not yet reached all the victims.
