ADVERTISEMENT

Cl0p found exploiting Oracle EBS zero-day months before critical patch release

Google threat researchers have revealed that the Cl0p ransom gang, which is said to have compromised hundreds of companies in a zero-day spree targeting Oracle E Business Suite (EBS), likely began its exploit campaign back in July.

Oracle logo on cloud

By Cybernews

Stefanie Schappert
Stefanie Schappert Senior Journalist
Oct 10, 2025 Updated: 21 November 2025 3 min read
CL0p leak site Oracle breach
Cl0p leak site. Image by Cybernews.
ADVERTISEMENT

Cl0p threatens its victims – pay or be published

Clop ransom email to Oracle EBS victims
Cl0p ransom demand. Image by Google Threat Intelligence Group/Mandiant.
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT