The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August 2025, according to cybersecurity company CrowdStrike. Tracked as CVE-2025-61882 and patched by Oracle on 01 October 2025, this vulnerability was discovered in the BI Publisher Integration component of Oracle EBS's Concurrent Processing component, allowing unauthenticated attackers to gain remote code execution on unpatched systems in low-complexity
