"Cl0p exploited multiple vulnerabilities in Oracle EBS which enabled them to steal large amounts of data from several victims in August 2025,"
"multiple vulnerabilities were exploited including vulnerabilities that were patched in Oracle's July 2025 update as well as one that was patched this weekend (CVE-2025-61882)."
Cl0p-linked actors actively exploited multiple vulnerabilities in Oracle E-Business Suite, including CVE-2025-61882, enabling unauthenticated HTTP access to the Oracle Concurrent Processing component and large-scale data theft. CVE-2025-61882 has a CVSS score of 9.8 and received a weekend patch after observed exploitation. An established group tracked as Detour Dog has been compromising WordPress sites since 2020 to redirect visitors and deliver malware. Detour Dog leverages DNS TXT records to issue covert commands that trigger malicious redirects or fetch and execute payloads like the Strela Stealer only under specific conditions so most visitors see normal site content.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]