The Hacker News

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike links Oracle EBS CVE-2025-61882 (CVSS 9.8) to Cl0p with moderate confidence; CISA adds to KEV, patch by Oct 27, 2025.
Computerworld

Web attack toolkit exploits unpatched Microsoft XML flaw

An exploit for an unpatched vulnerability in the Microsoft XML Core Services (MSXML) has been incorporated into Blackhole, one of the most widely used Web attack toolkits, according to security ...
Security Boulevard

CVE-2025-61882 Explained: The Oracle Zero-Day Breach That Hit Enterprises Hard

A critical zero-day vulnerability in Oracle E-Business Suite (EBS) was exploited by the Cl0p ransomware group in mid-2025.
CSOonline

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can. Enterprise attack surfaces continue to ...