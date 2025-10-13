erek
"While Clop would not share details about the attack, they confirmed to BleepingComputer that they were behind the emails and that a new Oracle flaw was exploited in the data theft attacks.
"Soon all will become obvious that Oracle bugged up their core product and once again, the task is on clop to save the day," the extortion gang told BleepingComputer.
Soon after, Oracle confirmed a new zero-day, tracked as CVE-2025-61882, was found in the software and issued an emergency update.
The Clop extortion gang has a long history of exploiting zero-day flaws in massive data theft attacks, including:
- 2020: Exploiting a zero-day in the Accellion FTA platform, affecting nearly 100 organizations.
- 2021: Exploiting a zero-day in SolarWinds Serv-U FTP software.
- 2023: Exploiting a zero-day in the GoAnywhere MFT platform, breaching over 100 companies.
- 2023: Exploiting a zero-day in MOVEit Transfer was Clop's most extensive campaign to date, where a zero-day exploit allowed data theft from 2,773 organizations worldwide.
- 2024: Exploited two Cleo file transfer zero-days (CVE-2024-50623 and CVE-2024-55956) to steal data and extort companies.
Source: https://www.bleepingcomputer.com/ne...ing-breach-linked-to-oracle-zero-day-exploit/